Searching...
Please wait while we search the database
| CVE ID | Severity | Description | Published | Actions |
|---|---|---|---|---|
|
CVE-2025-62122
|
MEDIUM |
Missing Authorization vulnerability in Solwininfotech Trash Duplicate and 301 Redirect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trash Duplicate and 301 Redirect: from n/a through 1.9.1.
|
31 Dec 2025
|
|
|
CVE-2025-62079
|
MEDIUM |
Missing Authorization vulnerability in Damian WP Export Categories & Taxonomies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Export Categories & Taxonomies: from n/a through 1.0.3.
|
31 Dec 2025
|
|
|
CVE-2025-62126
|
MEDIUM |
Insertion of Sensitive Information Into Sent Data vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching allows Retrieve Embedded Sensitive Data.This issue affects Varnish/Nginx Proxy Caching: from n/a through 1.8.3.
|
31 Dec 2025
|
|
|
CVE-2025-49338
|
MEDIUM |
Missing Authorization vulnerability in Flowbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flowbox: from n/a through 1.1.5.
|
31 Dec 2025
|
|
|
CVE-2025-62747
|
MEDIUM |
Missing Authorization vulnerability in Aum Watcharapon Featured Image Generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Image Generator: from n/a through 1.3.3.
|
31 Dec 2025
|
|
|
CVE-2025-15390
|
MEDIUM |
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
|
31 Dec 2025
|
|
|
CVE-2025-49334
|
MEDIUM |
Authorization Bypass Through User-Controlled Key vulnerability in Eduardo Villão MyD Delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyD Delivery: from n/a through 1.3.7.
|
31 Dec 2025
|
|
|
CVE-2025-59136
|
MEDIUM |
Insertion of Sensitive Information Into Sent Data vulnerability in Efí Bank Gerencianet Oficial allows Retrieve Embedded Sensitive Data.This issue affects Gerencianet Oficial: from n/a through 3.1.3.
|
31 Dec 2025
|
|
|
CVE-2025-62129
|
MEDIUM |
Missing Authorization vulnerability in Magnigenie RestroPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RestroPress: from n/a through 3.2.4.2.
|
31 Dec 2025
|
|
|
CVE-2025-62092
|
MEDIUM |
Missing Authorization vulnerability in Wiremo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wiremo: from n/a through 1.4.99.
|
31 Dec 2025
|
|
|
CVE-2025-62755
|
MEDIUM |
Unauthenticated Broken Access Control in GS Portfolio for Envato <= 1.4.2 versions.
|
31 Dec 2025
|
|
|
CVE-2025-63031
|
MEDIUM |
Missing Authorization vulnerability in WP Grids EasyTest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EasyTest: from n/a through 1.0.1.
|
31 Dec 2025
|
|
|
CVE-2025-62139
|
MEDIUM |
Insertion of Sensitive Information Into Sent Data vulnerability in Vladimir Statsenko Terms descriptions allows Retrieve Embedded Sensitive Data.This issue affects Terms descriptions: from n/a through 3.4.9.
|
31 Dec 2025
|
|
|
CVE-2025-62141
|
MEDIUM |
Missing Authorization vulnerability in 101gen Wawp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wawp: from n/a through 4.0.5.
|
31 Dec 2025
|
|
|
CVE-2025-63022
|
MEDIUM |
Missing Authorization vulnerability in Illia Simple Like Page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Like Page: from n/a through 1.5.3.
|
31 Dec 2025
|
|
|
CVE-2025-63016
|
MEDIUM |
Missing Authorization vulnerability in Quadlayers QuadLayers TikTok Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QuadLayers TikTok Feed: from n/a through 4.6.4.
|
31 Dec 2025
|
|
|
CVE-2025-62145
|
MEDIUM |
Missing Authorization vulnerability in NewClarity DMCA Protection Badge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DMCA Protection Badge: from n/a through 2.2.0.
|
31 Dec 2025
|
|
|
CVE-2025-62147
|
MEDIUM |
Missing Authorization vulnerability in Nik Melnik Realbig allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through 1.1.3.
|
31 Dec 2025
|
|
|
CVE-2025-62081
|
MEDIUM |
Missing Authorization vulnerability in Channelize.Io Team Live Shopping & Shoppable Videos For WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Shopping & Shoppable Videos For WooCommerce: from n/a through 2.2.0.
|
31 Dec 2025
|
|
|
CVE-2025-63053
|
MEDIUM |
Authorization Bypass Through User-Controlled Key vulnerability in Jewel Theme Master Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Master Addons for Elementor: from n/a through 2.0.9.9.4.
|
31 Dec 2025
|
|
|
CVE-2025-63001
|
MEDIUM |
Missing Authorization vulnerability in nicdark Hotel Booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Booking: from n/a through 3.8.
|
31 Dec 2025
|
|
|
CVE-2025-49349
|
MEDIUM |
Missing Authorization vulnerability in Reuters News Agency Reuters Direct allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reuters Direct: from n/a through 3.0.0.
|
31 Dec 2025
|
|
|
CVE-2025-62098
|
MEDIUM |
Missing Authorization vulnerability in Totalsoft Portfolio Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through 1.4.8.
|
31 Dec 2025
|
|
|
CVE-2025-62091
|
MEDIUM |
Missing Authorization vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through 2.8.2.
|
31 Dec 2025
|
|
|
CVE-2025-62108
|
MEDIUM |
Missing Authorization vulnerability in SaifuMak Add Custom Codes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Add Custom Codes: from n/a through 4.80.
|
31 Dec 2025
|
CVE-2025-62122
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Solwininfotech Trash Duplicate and 301 Redirect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trash Duplicate and 301 Redirect: from n/a through 1.9.1.
CVE-2025-62079
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Damian WP Export Categories & Taxonomies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Export Categories & Taxonomies: from n/a through 1.0.3.
CVE-2025-62126
MEDIUM
31 Dec 2025
Insertion of Sensitive Information Into Sent Data vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching allows Retrieve Embedded Sensitive Data.This issue affects Varnish/Nginx Proxy Caching: from n/a through 1.8.3.
CVE-2025-49338
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Flowbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flowbox: from n/a through 1.1.5.
CVE-2025-62747
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Aum Watcharapon Featured Image Generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Image Generator: from n/a through 1.3.3.
CVE-2025-15390
MEDIUM
31 Dec 2025
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
CVE-2025-49334
MEDIUM
31 Dec 2025
Authorization Bypass Through User-Controlled Key vulnerability in Eduardo Villão MyD Delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyD Delivery: from n/a through 1.3.7.
CVE-2025-59136
MEDIUM
31 Dec 2025
Insertion of Sensitive Information Into Sent Data vulnerability in Efí Bank Gerencianet Oficial allows Retrieve Embedded Sensitive Data.This issue affects Gerencianet Oficial: from n/a through 3.1.3.
CVE-2025-62129
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Magnigenie RestroPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RestroPress: from n/a through 3.2.4.2.
CVE-2025-62092
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Wiremo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wiremo: from n/a through 1.4.99.
CVE-2025-62755
MEDIUM
31 Dec 2025
Unauthenticated Broken Access Control in GS Portfolio for Envato <= 1.4.2 versions.
CVE-2025-63031
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in WP Grids EasyTest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EasyTest: from n/a through 1.0.1.
CVE-2025-62139
MEDIUM
31 Dec 2025
Insertion of Sensitive Information Into Sent Data vulnerability in Vladimir Statsenko Terms descriptions allows Retrieve Embedded Sensitive Data.This issue affects Terms descriptions: from n/a through 3.4.9.
CVE-2025-62141
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in 101gen Wawp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wawp: from n/a through 4.0.5.
CVE-2025-63022
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Illia Simple Like Page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Like Page: from n/a through 1.5.3.
CVE-2025-63016
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Quadlayers QuadLayers TikTok Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QuadLayers TikTok Feed: from n/a through 4.6.4.
CVE-2025-62145
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in NewClarity DMCA Protection Badge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DMCA Protection Badge: from n/a through 2.2.0.
CVE-2025-62147
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Nik Melnik Realbig allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through 1.1.3.
CVE-2025-62081
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Channelize.Io Team Live Shopping & Shoppable Videos For WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Shopping & Shoppable Videos For WooCommerce: from n/a through 2.2.0.
CVE-2025-63053
MEDIUM
31 Dec 2025
Authorization Bypass Through User-Controlled Key vulnerability in Jewel Theme Master Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Master Addons for Elementor: from n/a through 2.0.9.9.4.
CVE-2025-63001
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in nicdark Hotel Booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Booking: from n/a through 3.8.
CVE-2025-49349
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Reuters News Agency Reuters Direct allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reuters Direct: from n/a through 3.0.0.
CVE-2025-62098
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Totalsoft Portfolio Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through 1.4.8.
CVE-2025-62091
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through 2.8.2.
CVE-2025-62108
MEDIUM
31 Dec 2025
Missing Authorization vulnerability in SaifuMak Add Custom Codes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Add Custom Codes: from n/a through 4.80.
Page 106 of 670
Page 106 of 670