Total
6163 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67548 | 2 Wordpress, Wpdelicious | 2 Wordpress, Wp Delicious | 2025-12-10 | 6.5 Medium |
| Missing Authorization vulnerability in WP Delicious WP Delicious delicious-recipes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delicious: from n/a through <= 1.9.1. | ||||
| CVE-2025-67474 | 2 Ultimatemember, Wordpress | 2 Forumwp, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ForumWP: from n/a through <= 2.1.4. | ||||
| CVE-2025-67468 | 2 Crmperks, Wordpress | 2 Integration For Salesforce And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms cf7-salesforce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms: from n/a through <= 1.4.6. | ||||
| CVE-2025-66527 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in VanKarWai Lobo lobo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lobo: from n/a through <= 2.8.6. | ||||
| CVE-2025-66526 | 2 Essekia, Wordpress | 2 Tablesome Table, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.1.34. | ||||
| CVE-2025-66525 | 2 Elasticemail, Wordpress | 2 Elastic Email Sender, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in Elastic Email Elastic Email Sender elastic-email-sender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Sender: from n/a through <= 1.2.20. | ||||
| CVE-2025-64257 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in Joe Dolson My Tickets my-tickets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Tickets: from n/a through <= 2.1.0. | ||||
| CVE-2025-63006 | 2 Metagauss, Wordpress | 2 Eventprime, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through <= 4.2.4.1. | ||||
| CVE-2025-62999 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 5.4 Medium |
| Missing Authorization vulnerability in themezaa Litho Addons litho-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Litho Addons: from n/a through <= 3.4. | ||||
| CVE-2025-62996 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in Code Amp Custom Layouts – Post + Product grids made easy custom-layouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Layouts – Post + Product grids made easy: from n/a through <= 1.4.12. | ||||
| CVE-2025-62995 | 2 Multiparcels, Wordpress | 2 Multiparcels Shipping For Woocommerce, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in multiparcels MultiParcels Shipping For WooCommerce multiparcels-shipping-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiParcels Shipping For WooCommerce: from n/a through <= 1.30.12. | ||||
| CVE-2025-62993 | 2 Rainafarai, Wordpress | 2 Notification For Telegram, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notification for Telegram: from n/a through <= 3.4.7. | ||||
| CVE-2025-62870 | 3 Eupago, Woocommerce, Wordpress | 3 Eupago Gateway Woocommerce, Woocommerce, Wordpress | 2025-12-10 | 5.3 Medium |
| Missing Authorization vulnerability in Eupago Eupago Gateway For Woocommerce eupago-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eupago Gateway For Woocommerce: from n/a through <= 4.6.3. | ||||
| CVE-2025-62869 | 2 Gravitec.net, Wordpress | 2 Web Push Notifications, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net – Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net – Web Push Notifications: from n/a through <= 2.9.17. | ||||
| CVE-2025-62867 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in ergonet Ergonet Cache ergonet-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ergonet Cache: from n/a through <= 1.0.11. | ||||
| CVE-2025-62865 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 5.3 Medium |
| Missing Authorization vulnerability in Evan Herman Post Cloner post-cloner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Cloner: from n/a through <= 1.0.0. | ||||
| CVE-2025-62740 | 2 Mario Peshev, Wordpress | 2 Wp-crm-system, Wordpress | 2025-12-10 | 5.3 Medium |
| Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through <= 3.4.5. | ||||
| CVE-2025-62738 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 5.3 Medium |
| Missing Authorization vulnerability in mmattax Formstack Online Forms formstack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formstack Online Forms: from n/a through <= 2.0.2. | ||||
| CVE-2025-62736 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in opicron Image Cleanup image-cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Cleanup: from n/a through <= 1.9.2. | ||||
| CVE-2025-49350 | 2 Marcoingraiti, Wordpress | 2 Actionwear Products Sync, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Actionwear products sync: from n/a through <= 2.3.3. | ||||