Total
6008 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-62993 | 2025-12-10 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notification for Telegram: from n/a through <= 3.4.7. | |||||
| CVE-2025-62870 | 2025-12-10 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Eupago Eupago Gateway For Woocommerce eupago-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eupago Gateway For Woocommerce: from n/a through <= 4.6.3. | |||||
| CVE-2025-62869 | 2025-12-10 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net – Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net – Web Push Notifications: from n/a through <= 2.9.17. | |||||
| CVE-2025-62867 | 2025-12-10 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ergonet Ergonet Cache ergonet-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ergonet Cache: from n/a through <= 1.0.11. | |||||
| CVE-2025-62865 | 2025-12-10 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Evan Herman Post Cloner post-cloner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Cloner: from n/a through <= 1.0.0. | |||||
| CVE-2025-62740 | 2025-12-10 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through <= 3.4.5. | |||||
| CVE-2025-62738 | 2025-12-10 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in mmattax Formstack Online Forms formstack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formstack Online Forms: from n/a through <= 2.0.2. | |||||
| CVE-2025-62736 | 2025-12-10 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in opicron Image Cleanup image-cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Cleanup: from n/a through <= 1.9.2. | |||||
| CVE-2025-49350 | 2025-12-10 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Actionwear products sync: from n/a through <= 2.3.3. | |||||
| CVE-2025-49348 | 2025-12-10 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Hype Hype pico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hype: from n/a through <= 1.0.5. | |||||
| CVE-2025-66096 | 2025-12-10 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Imtiaz Rayhan Table Block by Tableberg tableberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Table Block by Tableberg: from n/a through <= 0.6.9. | |||||
| CVE-2025-63034 | 2025-12-10 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Steve Truman Page View Count page-views-count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page View Count: from n/a through <= 2.8.7. | |||||
| CVE-2025-63025 | 2025-12-10 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Xagio SEO Xagio SEO xagio-seo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xagio SEO: from n/a through <= 7.1.0.29. | |||||
| CVE-2025-63024 | 2025-12-10 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in tychesoftwares Order Delivery Date for WooCommerce order-delivery-date-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Delivery Date for WooCommerce: from n/a through <= 4.3.1. | |||||
| CVE-2025-63023 | 2025-12-10 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Easy Payment Payment Gateway for PayPal on WooCommerce woo-paypal-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway for PayPal on WooCommerce: from n/a through <= 9.0.52. | |||||
| CVE-2025-63008 | 2025-12-10 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through <= 1.16.7. | |||||
| CVE-2025-48575 | 1 Google | 1 Android | 2025-12-10 | N/A | 7.8 HIGH |
| In multiple functions of CertInstaller.java, there is a possible way to install certificates due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-67599 | 2025-12-09 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation decorator-woocommerce-email-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebToffee eCommerce Marketing Automation: from n/a through <= 2.1.1. | |||||
| CVE-2025-67597 | 2025-12-09 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Shahjahan Jewel Fluent Booking fluent-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Booking: from n/a through <= 1.9.11. | |||||
| CVE-2025-67592 | 2025-12-09 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Joe Dolson My Calendar my-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Calendar: from n/a through <= 3.6.16. | |||||