Total
4572 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-22007 | 1 Okerthai | 2 G955v1, G955v1 Firmware | 2025-04-04 | N/A | 6.8 MEDIUM |
| OS Command Injection vulnerability in OKER G955V1 v1.03.02.20161128, allows physical attackers to interrupt the boot sequence and execute arbitrary commands with root privileges. | |||||
| CVE-2024-1376 | 1 Avecnous | 1 Event Post | 2025-04-04 | N/A | N/A |
| The Event post plugin for WordPress is vulnerable to unauthorized bulk metadata update due to a missing capability check on the save_bulkdatas function in all versions up to, and including, 5.9.4. This makes it possible for authenticated attackers, with subscriber access or higher, to update post_meta_data. | |||||
| CVE-2024-43142 | 1 Themeum | 1 Tutor Lms | 2025-04-04 | N/A | 8.8 HIGH |
| Missing Authorization vulnerability in Themeum Tutor LMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through 2.7.3. | |||||
| CVE-2024-43136 | 1 Sunshinephotocart | 1 Sunshine Photo Cart | 2025-04-04 | N/A | 8.8 HIGH |
| Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through 3.2.1. | |||||
| CVE-2025-3257 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| A vulnerability classified as problematic has been found in xujiangfei admintwo 1.0. This affects an unknown part of the file /user/updateSet. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-44626 | 1 Squirrly | 1 Seo Plugin By Squirrly Seo | 2025-04-04 | N/A | 6.3 MEDIUM |
| Missing Authorization vulnerability in Squirrly SEO Plugin by Squirrly SEO.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.1.20. | |||||
| CVE-2024-4858 | 1 Uapp | 1 Testimonial Carousel For Elementor | 2025-04-04 | N/A | 5.3 MEDIUM |
| The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_testimonials_option_callback' function in versions up to, and including, 10.2.0. This makes it possible for unauthenticated attackers to update the OpenAI API key, disabling the feature. | |||||
| CVE-2025-32258 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in InfoGiants Simple Website Logo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Website Logo: from n/a through 1.1. | |||||
| CVE-2025-32217 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ai Image Alt Text Generator for WP: from n/a through 1.0.8. | |||||
| CVE-2025-32235 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.9.4. | |||||
| CVE-2025-32178 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 6Storage Rentals: from n/a through 2.18.0. | |||||
| CVE-2025-32232 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in ERA404 StaffList allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects StaffList: from n/a through 3.2.6. | |||||
| CVE-2025-32147 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in coothemes Easy WP Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy WP Optimizer: from n/a through 1.1.0. | |||||
| CVE-2025-32234 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in aleswebs AdMail – Multilingual Back in-Stock Notifier for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AdMail – Multilingual Back in-Stock Notifier for WooCommerce: from n/a through 1.7.0. | |||||
| CVE-2025-32277 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in Ateeq Rafeeq RepairBuddy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RepairBuddy: from n/a through 3.8211. | |||||
| CVE-2025-32237 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in Stylemix MasterStudy LMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MasterStudy LMS: from n/a through 3.5.23. | |||||
| CVE-2025-32224 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in shivammani Privyr CRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Privyr CRM: from n/a through 1.0.1. | |||||
| CVE-2025-32253 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in ComMotion Course Booking System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Course Booking System: from n/a through 6.0.5. | |||||
| CVE-2025-32218 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in RealMag777 TableOn – WordPress Posts Table Filterable allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TableOn – WordPress Posts Table Filterable: from n/a through 1.0.4. | |||||
| CVE-2025-32256 | 2025-04-04 | N/A | N/A | ||
| Missing Authorization vulnerability in devsoftbaltic SurveyJS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects SurveyJS: from n/a through 1.12.20. | |||||