Total
4572 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-41848 | 1 Majeedraza | 1 Carousel Slider | 2025-04-10 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in Majeed Raza Carousel Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Carousel Slider: from n/a through 2.2.2. | |||||
| CVE-2025-32242 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in Hive Support Hive Support allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Hive Support: from n/a through 1.2.2. | |||||
| CVE-2025-32236 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in Vagonic Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic. This issue affects Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic: from n/a through 1.9. | |||||
| CVE-2025-32221 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in Spider Themes EazyDocs allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EazyDocs: from n/a through 2.6.4. | |||||
| CVE-2025-32240 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in NotFound Site Notify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Site Notify: from n/a through 1.0. | |||||
| CVE-2025-32212 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in Specia Theme Specia Companion allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specia Companion: from n/a through 4.6. | |||||
| CVE-2025-32213 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in flothemesplugins Flo Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Flo Forms: from n/a through 1.0.43. | |||||
| CVE-2025-32244 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in QuantumCloud SEO Help allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SEO Help: from n/a through 6.6.1. | |||||
| CVE-2025-32243 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in Toast Plugins Internal Link Optimiser allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Internal Link Optimiser: from n/a through 5.1.2. | |||||
| CVE-2025-32210 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in CreativeMindsSolutions CM Registration and Invitation Codes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CM Registration and Invitation Codes: from n/a through 2.5.2. | |||||
| CVE-2025-32259 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in Alimir WP ULike. This issue affects WP ULike: from n/a through 4.7.9.1. | |||||
| CVE-2025-32208 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in Hive Support Hive Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hive Support: from n/a through 1.2.2. | |||||
| CVE-2025-32260 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in Detheme DethemeKit For Elementor. This issue affects DethemeKit For Elementor: from n/a through 2.1.10. | |||||
| CVE-2025-32216 | 2025-04-10 | N/A | N/A | ||
| Missing Authorization vulnerability in Spider Themes Spider Elements – Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Spider Elements – Addons for Elementor: from n/a through 1.6.2. | |||||
| CVE-2025-3417 | 2025-04-10 | N/A | 8.8 HIGH | ||
| The Embedder plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajax_set_global_option() function in versions 1.3 to 1.3.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. | |||||
| CVE-2025-2719 | 2025-04-10 | N/A | 6.5 MEDIUM | ||
| The Swatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in versions 1.2.8 to 1.4.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to 1/true on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny access to legitimate users or be used to set some values to true, such as registration. | |||||
| CVE-2025-26888 | 2025-04-09 | N/A | N/A | ||
| Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.8. | |||||
| CVE-2025-31377 | 2025-04-09 | N/A | N/A | ||
| Missing Authorization vulnerability in Asaquzzaman mishu Woo Product Feed For Marketing Channels allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Woo Product Feed For Marketing Channels: from n/a through 1.9.0. | |||||
| CVE-2025-31042 | 2025-04-09 | N/A | N/A | ||
| Missing Authorization vulnerability in rtakao Sandwich Adsense allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sandwich Adsense: from n/a through 4.0.2. | |||||
| CVE-2025-31004 | 2025-04-09 | N/A | N/A | ||
| Missing Authorization vulnerability in Croover.inc Rich Table of Contents allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rich Table of Contents: from n/a through 1.4.0. | |||||