Total
7141 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-52738 | 2026-01-20 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Wikimedia Foundation Wikipedia Preview wikipedia-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wikipedia Preview: from n/a through <= 1.15.0. | |||||
| CVE-2025-49961 | 2026-01-20 | N/A | 6.3 MEDIUM | ||
| Missing Authorization vulnerability in Breeze Team Breeze Checkout breeze-checkout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze Checkout: from n/a through <= 1.4.0. | |||||
| CVE-2025-49949 | 2026-01-20 | N/A | 5.5 MEDIUM | ||
| Missing Authorization vulnerability in templazee Templazee templazee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templazee: from n/a through <= 1.0.2. | |||||
| CVE-2025-49937 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smash Balloon Social Post Feed: from n/a through <= 4.3.2. | |||||
| CVE-2025-49925 | 1 Vibethemes | 1 Wordpress Learning Management System | 2026-01-20 | N/A | 7.3 HIGH |
| Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through <= 1.9.9.7. | |||||
| CVE-2025-49922 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPeMatico RSS Feed Fetcher: from n/a through <= 2.8.3. | |||||
| CVE-2025-49920 | 2026-01-20 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Web Accessibility By accessiBe: from n/a through <= 2.10. | |||||
| CVE-2025-49916 | 2026-01-20 | N/A | 8.6 HIGH | ||
| Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a through <= 4.2.23. | |||||
| CVE-2025-49913 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoSchedule: from n/a through <= 3.4.0. | |||||
| CVE-2025-49910 | 2026-01-20 | N/A | 8.2 HIGH | ||
| Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPGuppy: from n/a through <= 1.1.4. | |||||
| CVE-2025-49907 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through <= 1.3.3.9. | |||||
| CVE-2025-49906 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through <= 2.9.5.3. | |||||
| CVE-2025-49903 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in bdthemes ZoloBlocks zoloblocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ZoloBlocks: from n/a through <= 2.3.11. | |||||
| CVE-2025-49902 | 2026-01-20 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in A WP Life Login Page Customizer – Customizer Login Page, Admin Page, Custom Design customizer-login-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Page Customizer – Customizer Login Page, Admin Page, Custom Design: from n/a through <= 2.1.1. | |||||
| CVE-2025-49899 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in jjlemstra Whydonate wp-whydonate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Whydonate: from n/a through <= 4.0.15. | |||||
| CVE-2025-49394 | 2026-01-20 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in bPlugins Image Gallery block – Create and display photo gallery/photo album. 3d-image-gallery allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Image Gallery block – Create and display photo gallery/photo album.: from n/a through <= 1.0.7. | |||||
| CVE-2025-49377 | 2026-01-20 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Themefic Hydra Booking hydra-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hydra Booking: from n/a through <= 1.1.9. | |||||
| CVE-2025-49376 | 2026-01-20 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects DELUCKS SEO: from n/a through <= 2.5.9. | |||||
| CVE-2025-49350 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Actionwear products sync: from n/a through <= 2.3.3. | |||||
| CVE-2025-49348 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Hype Hype pico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hype: from n/a through <= 1.0.5. | |||||