Filtered by CWE-862

Search

Switch to Advanced Search (Beta)
Total 6161 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-67572 1 Wordpress 1 Wordpress 2025-12-16 5.3 Medium
Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through < 6.7.4.
CVE-2025-66166 2 Merkulove, Wordpress 2 Lottier For Elementor, Wordpress 2025-12-16 5.4 Medium
Missing Authorization vulnerability in merkulove Lottier for Elementor lottier-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lottier for Elementor: from n/a through <= 1.0.9.
CVE-2025-66162 2 Merkulove, Wordpress 2 Spoter For Elementor, Wordpress 2025-12-16 5.4 Medium
Missing Authorization vulnerability in merkulove Spoter for Elementor spoter-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spoter for Elementor: from n/a through <= 1.04.
CVE-2025-66129 1 Wordpress 1 Wordpress 2025-12-16 5.3 Medium
Missing Authorization vulnerability in wppochipp Pochipp pochipp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pochipp: from n/a through <= 1.18.0.
CVE-2025-66128 3 Brevo, Woocommerce, Wordpress 3 Sendinblue For Woocommerce, Woocommerce, Wordpress 2025-12-16 5.3 Medium
Missing Authorization vulnerability in Brevo Sendinblue for WooCommerce woocommerce-sendinblue-newsletter-subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendinblue for WooCommerce: from n/a through <= 4.0.49.
CVE-2025-66124 2 Wordpress, Zeen101 2 Wordpress, Leaky Paywall 2025-12-16 5.3 Medium
Missing Authorization vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leaky Paywall: from n/a through <= 4.22.5.
CVE-2025-64251 1 Wordpress 1 Wordpress 2025-12-16 4.9 Medium
Missing Authorization vulnerability in azzaroco Ultimate Learning Pro indeed-learning-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Learning Pro: from n/a through <= 3.9.3.
CVE-2025-64246 1 Wordpress 1 Wordpress 2025-12-16 4.3 Medium
Missing Authorization vulnerability in netopsae Accessibility by AudioEye accessibility-by-audioeye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility by AudioEye: from n/a through <= 1.0.49.
CVE-2025-64238 1 Wordpress 1 Wordpress 2025-12-16 4.3 Medium
Missing Authorization vulnerability in NicolasKulka WPS Bidouille wps-bidouille allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPS Bidouille: from n/a through <= 1.33.1.
CVE-2025-66165 1 Wordpress 1 Wordpress 2025-12-16 5.4 Medium
Missing Authorization vulnerability in merkulove Lottier for WPBakery lottier-wpbakery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lottier for WPBakery: from n/a through <= 1.1.7.
CVE-2025-66163 2 Merkulove, Wordpress 2 Masker For Elementor, Wordpress 2025-12-16 5.4 Medium
Missing Authorization vulnerability in merkulove Masker for Elementor masker-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Masker for Elementor: from n/a through <= 1.1.4.
CVE-2025-66134 2 Ninjateam, Wordpress 2 Filebird, Wordpress 2025-12-16 5.4 Medium
Missing Authorization vulnerability in NinjaTeam FileBird Pro filebird-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FileBird Pro: from n/a through <= 6.4.9.
CVE-2025-66402 1 Misskey 1 Misskey 2025-12-16 N/A
Misskey is an open source, federated social media platform. Starting in version 13.0.0-beta.16 and prior to version 2025.12.0, an actor who does not have permission to view favorites or clips can can export the posts and view the contents. Version 2025.12.0 fixes the issue.
CVE-2025-0836 1 Milestone Systems 1 Xprotect Vms 2025-12-16 6.3 Medium
Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API.
CVE-2025-68088 2 Merkulove, Wordpress 2 Huger For Elementor, Wordpress 2025-12-16 5.4 Medium
Missing Authorization vulnerability in merkulove Huger for Elementor huger-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Huger for Elementor: from n/a through <= 1.1.5.
CVE-2025-54005 1 Wordpress 1 Wordpress 2025-12-16 4.3 Medium
Missing Authorization vulnerability in sonalsinha21 SKT Page Builder skt-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SKT Page Builder: from n/a through <= 4.9.
CVE-2025-66167 1 Wordpress 1 Wordpress 2025-12-16 5.4 Medium
Missing Authorization vulnerability in merkulove Lottier lottier-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lottier: from n/a through <= 1.1.1.
CVE-2025-64245 1 Wordpress 1 Wordpress 2025-12-16 4.3 Medium
Missing Authorization vulnerability in ryanpcmcquen Import external attachments import-external-attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Import external attachments: from n/a through <= 1.5.12.
CVE-2025-66122 1 Wordpress 1 Wordpress 2025-12-16 5.4 Medium
Missing Authorization vulnerability in Design Stylish Price List stylish-price-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stylish Price List: from n/a through <= 7.2.2.
CVE-2025-66161 2 Merkulove, Wordpress 2 Grider For Elementor, Wordpress 2025-12-16 5.4 Medium
Missing Authorization vulnerability in merkulove Grider for Elementor grider-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grider for Elementor: from n/a through <= 1.0.8.