Total
5714 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59567 | 2 Relywp, Wordpress | 2 Coupon Affiliates, Wordpress | 2025-09-23 | 4.3 Medium |
| Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Coupon Affiliates: from n/a through 6.8.0. | ||||
| CVE-2025-59551 | 1 Wordpress | 1 Wordpress | 2025-09-23 | 4.3 Medium |
| Missing Authorization vulnerability in WP Chill Revive.so allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Revive.so: from n/a through 2.0.6. | ||||
| CVE-2025-58968 | 1 Wordpress | 1 Wordpress | 2025-09-23 | 5 Medium |
| Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MaxiBlocks: from n/a through 2.1.3. | ||||
| CVE-2025-58957 | 1 Wordpress | 1 Wordpress | 2025-09-23 | 4.3 Medium |
| Missing Authorization vulnerability in Vikas Ratudi VPSUForm allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects VPSUForm: from n/a through 3.2.20. | ||||
| CVE-2025-59413 | 1 Cubecart | 1 Cubecart | 2025-09-23 | 6.5 Medium |
| CubeCart is an ecommerce software solution. Prior to version 6.5.11, a logic flaw exists in the newsletter subscription endpoint that allows an attacker to unsubscribe any user without their consent. By changing the value of the force_unsubscribe parameter in the POST request to 1, an attacker can force the removal of any valid subscriber’s email address. This issue has been patched in version 6.5.11. | ||||
| CVE-2025-59591 | 1 Wordpress | 1 Wordpress | 2025-09-23 | 4.3 Medium |
| Missing Authorization vulnerability in AdvancedCoding wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpDiscuz: from n/a through 7.6.33. | ||||
| CVE-2025-58672 | 1 Wordpress | 1 Wordpress | 2025-09-23 | 5.4 Medium |
| Missing Authorization vulnerability in Tareq Hasan WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Frontend: from n/a through 4.1.11. | ||||
| CVE-2025-58668 | 1 Wordpress | 1 Wordpress | 2025-09-23 | 4.3 Medium |
| Missing Authorization vulnerability in VibeThemes WPLMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPLMS : from n/a through 4.970. | ||||
| CVE-2025-58667 | 1 Wordpress | 1 Wordpress | 2025-09-23 | 5.4 Medium |
| Missing Authorization vulnerability in CridioStudio ListingPro Reviews allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ListingPro Reviews: from n/a through 1.6. | ||||
| CVE-2025-58666 | 1 Wordpress | 1 Wordpress | 2025-09-23 | 4.3 Medium |
| Missing Authorization vulnerability in Kommo Website Chat Button: Kommo integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Website Chat Button: Kommo integration: from n/a through 1.3.1. | ||||
| CVE-2025-58664 | 1 Wordpress | 1 Wordpress | 2025-09-23 | 4.3 Medium |
| Missing Authorization vulnerability in Azizul Hasan Text To Speech TTS Accessibility allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Text To Speech TTS Accessibility: from n/a through 1.9.20. | ||||
| CVE-2025-58663 | 2 Themeum, Wordpress | 2 Qubely, Wordpress | 2025-09-23 | 4.3 Medium |
| Missing Authorization vulnerability in Themeum Qubely allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Qubely: from n/a through 1.8.14. | ||||
| CVE-2025-58660 | 1 Wordpress | 1 Wordpress | 2025-09-23 | 5.4 Medium |
| Missing Authorization vulnerability in brandexponents Oshine Core allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Oshine Core: from n/a through 1.5.5. | ||||
| CVE-2025-58650 | 2 Syed Balkhi, Wordpress | 2 All In One Seo Pack, Wordpress | 2025-09-23 | 5.4 Medium |
| Missing Authorization vulnerability in Syed Balkhi All In One SEO Pack allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects All In One SEO Pack: from n/a through 4.8.7. | ||||
| CVE-2025-58258 | 2 Thedevoice, Wordpress | 2 Lazy Blocks, Wordpress | 2025-09-23 | 4.3 Medium |
| Missing Authorization vulnerability in nK Lazy Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Lazy Blocks: from n/a through 4.1.0. | ||||
| CVE-2025-58251 | 3 Elementor, Posimyth, Wordpress | 3 Elementor, Sticky Header Effects, Wordpress | 2025-09-23 | 4.3 Medium |
| Missing Authorization vulnerability in POSIMYTH Sticky Header Effects for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sticky Header Effects for Elementor: from n/a through 2.1.2. | ||||
| CVE-2025-58247 | 2 Templateinvaders, Wordpress | 2 Ti Woocommerce Wishlist, Wordpress | 2025-09-23 | 5.3 Medium |
| Missing Authorization vulnerability in templateinvaders TI WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TI WooCommerce Wishlist: from n/a through 2.10.0. | ||||
| CVE-2025-58222 | 1 Wordpress | 1 Wordpress | 2025-09-23 | 5.3 Medium |
| Missing Authorization vulnerability in Maidul Team Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Team Manager: from n/a through 2.3.14. | ||||
| CVE-2025-58221 | 2 Ontraport, Wordpress | 2 Pilotpress, Wordpress | 2025-09-23 | 4.3 Medium |
| Missing Authorization vulnerability in ONTRAPORT PilotPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PilotPress: from n/a through 2.0.35. | ||||
| CVE-2025-58680 | 2 Gutentor, Wordpress | 2 Gutentor, Wordpress | 2025-09-23 | 6.5 Medium |
| Missing Authorization vulnerability in gutentor Gutentor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Gutentor: from n/a through 3.5.2. | ||||