Total
6217 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-49969 | 2025-06-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zara 4 Image Compression: from n/a through 1.2.17.2. | ||||
| CVE-2025-49970 | 2025-06-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in sparklewpthemes Hello FSE Blog allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hello FSE Blog: from n/a through 1.0.6. | ||||
| CVE-2025-49971 | 2025-06-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in aThemeArt Translations eDS Responsive Menu allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects eDS Responsive Menu: from n/a through 1.2. | ||||
| CVE-2025-49973 | 2025-06-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in GrandPlugins Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes: from n/a through 1.0.9. | ||||
| CVE-2025-49974 | 2025-06-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in upstreamplugin UpStream: a Project Management Plugin for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects UpStream: a Project Management Plugin for WordPress: from n/a through 2.1.0. | ||||
| CVE-2025-49976 | 2025-06-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in WANotifier WANotifier allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WANotifier: from n/a through 2.7.7. | ||||
| CVE-2025-49979 | 2025-06-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in slui Media Hygiene allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Media Hygiene: from n/a through 4.0.1. | ||||
| CVE-2025-49980 | 2025-06-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in WP Event Manager WP User Profile Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Profile Avatar: from n/a through 1.0.6. | ||||
| CVE-2025-49981 | 2025-06-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in mahabub81 User Roles and Capabilities allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects User Roles and Capabilities: from n/a through 1.2.6. | ||||
| CVE-2025-50034 | 2025-06-23 | 6.5 Medium | ||
| Missing Authorization vulnerability in Mahmudul Hasan Arif Enhanced Blocks – Page Builder Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Enhanced Blocks – Page Builder Blocks for Gutenberg: from n/a through 1.4.1. | ||||
| CVE-2025-50010 | 2025-06-23 | 5.4 Medium | ||
| Missing Authorization vulnerability in Zapier Zapier for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zapier for WordPress: from n/a through 1.5.2. | ||||
| CVE-2025-49988 | 2025-06-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in Renzo Contact Form 7 AWeber Extension allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Contact Form 7 AWeber Extension: from n/a through 0.1.38. | ||||
| CVE-2025-49986 | 2025-06-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in thanhtungtnt Video List Manager allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Video List Manager: from n/a through 1.7. | ||||
| CVE-2025-50009 | 2025-06-23 | 5.4 Medium | ||
| Missing Authorization vulnerability in Climax Themes Kata Plus allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Kata Plus: from n/a through 1.5.3. | ||||
| CVE-2025-49993 | 2025-06-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in Cookie Script Cookie-Script.com allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cookie-Script.com: from n/a through 1.2.1. | ||||
| CVE-2025-52802 | 2025-06-23 | 7.5 High | ||
| Missing Authorization vulnerability in enguerranws Import YouTube videos as WP Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Import YouTube videos as WP Posts: from n/a through 2.1. | ||||
| CVE-2025-49997 | 2025-06-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in Syed Balkhi Giveaways and Contests by RafflePress allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Giveaways and Contests by RafflePress: from n/a through 1.12.17. | ||||
| CVE-2025-49998 | 2025-06-23 | 5.4 Medium | ||
| Missing Authorization vulnerability in Wetail WooCommerce Fortnox Integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Fortnox Integration: from n/a through 4.5.5. | ||||
| CVE-2025-50008 | 2025-06-23 | 5.4 Medium | ||
| Missing Authorization vulnerability in cscode WooCommerce Manager – Customize and Control Cart page, Add to Cart button, Checkout fields easily allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Manager – Customize and Control Cart page, Add to Cart button, Checkout fields easily: from n/a through 1.2.4.5. | ||||
| CVE-2025-49996 | 2025-06-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 7.8. | ||||