Total
4747 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-31858 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in matthewrubin Local Magic allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Local Magic: from n/a through 2.6.0. | |||||
| CVE-2025-31909 | 2025-04-07 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in NotFound Apptivo Business Site CRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Apptivo Business Site CRM: from n/a through 5.3. | |||||
| CVE-2025-31541 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in turitop TuriTop Booking System allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TuriTop Booking System: from n/a through 1.0.10. | |||||
| CVE-2025-31795 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Plugin Devs Shopify to WooCommerce Migration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shopify to WooCommerce Migration: from n/a through 1.3.0. | |||||
| CVE-2025-31758 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in BinaryCarpenter Free Woocommerce Product Table View allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Free Woocommerce Product Table View: from n/a through 1.78. | |||||
| CVE-2025-31896 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in istmoplugins GetBookingsWP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GetBookingsWP: from n/a through 1.1.27. | |||||
| CVE-2025-32231 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Bookingor Bookingor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bookingor: from n/a through 1.0.6. | |||||
| CVE-2025-32253 | 2025-04-07 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in ComMotion Course Booking System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Course Booking System: from n/a through 6.0.5. | |||||
| CVE-2025-32235 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.9.4. | |||||
| CVE-2025-32237 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Stylemix MasterStudy LMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MasterStudy LMS: from n/a through 3.5.23. | |||||
| CVE-2025-32147 | 2025-04-07 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in coothemes Easy WP Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy WP Optimizer: from n/a through 1.1.0. | |||||
| CVE-2025-32239 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Joao Romao Social Share Buttons & Analytics Plugin – GetSocial.io allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Social Share Buttons & Analytics Plugin – GetSocial.io: from n/a through 4.5. | |||||
| CVE-2025-2075 | 2025-04-07 | N/A | 8.8 HIGH | ||
| The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to add_role() and user_role() functions missing proper capability checks performed through the validate_rest_call() function. This makes it possible for unauthenticated attackers to set the role of arbitrary users to administrator granting full access to the site, though privilege escalation requires an active account on the site so this is considered an authenticated privilege escalation. | |||||
| CVE-2025-32233 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Chill Revive.so – Bulk Rewrite and Republish Blog Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Revive.so – Bulk Rewrite and Republish Blog Posts: from n/a through 2.0.3. | |||||
| CVE-2025-32258 | 2025-04-07 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in InfoGiants Simple Website Logo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Website Logo: from n/a through 1.1. | |||||
| CVE-2025-32224 | 2025-04-07 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in shivammani Privyr CRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Privyr CRM: from n/a through 1.0.1. | |||||
| CVE-2025-32246 | 2025-04-07 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Tim Nguyen 1-Click Backup & Restore Database allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 1-Click Backup & Restore Database: from n/a through 1.0.3. | |||||
| CVE-2025-31381 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in shiptrack Booking Calendar and Notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking Calendar and Notification: from n/a through 4.0.3. | |||||
| CVE-2025-32229 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Bowo Variable Inspector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Variable Inspector: from n/a through 2.6.3. | |||||
| CVE-2025-32232 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ERA404 StaffList allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects StaffList: from n/a through 3.2.6. | |||||