Total
6008 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-67589 | 2025-12-09 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips woocommerce-pdf-invoices-packing-slips allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoices & Packing Slips: from n/a through <= 4.9.1. | |||||
| CVE-2025-67588 | 2025-12-09 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through <= 3.33.0. | |||||
| CVE-2025-63069 | 2025-12-09 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Vinod Dalvi Ivory Search add-search-to-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ivory Search: from n/a through <= 5.5.12. | |||||
| CVE-2025-32319 | 1 Google | 1 Android | 2025-12-09 | N/A | 6.7 MEDIUM |
| In ensureBound of RemotePrintService.java, there is a possible way for a background app to keep foreground permissions due to a permissions bypass. This could lead to local escalation of privilege with user execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48591 | 1 Google | 1 Android | 2025-12-09 | N/A | 5.5 MEDIUM |
| In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-67586 | 2025-12-09 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Ronald Huereca Highlight and Share highlight-and-share allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Highlight and Share: from n/a through <= 5.2.0. | |||||
| CVE-2025-67584 | 2025-12-09 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in rtCamp GoDAM godam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoDAM: from n/a through <= 1.4.6. | |||||
| CVE-2025-67582 | 2025-12-09 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in wbcomdesigns Wbcom Designs lock-my-bp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wbcom Designs: from n/a through <= 2.1.1. | |||||
| CVE-2025-67581 | 2025-12-09 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.0. | |||||
| CVE-2025-67566 | 2025-12-09 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in WofficeIO Woffice Core woffice-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woffice Core: from n/a through <= 5.4.30. | |||||
| CVE-2025-67563 | 2025-12-09 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through <= 3.6.1. | |||||
| CVE-2025-67562 | 2025-12-09 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in WebCodingPlace Image Caption Hover Pro image-caption-hover-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Caption Hover Pro: from n/a through < 20.0. | |||||
| CVE-2025-67561 | 2025-12-09 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Oleksandr Lysyi Debug Log Viewer debug-log-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Debug Log Viewer: from n/a through <= 2.0.3. | |||||
| CVE-2025-67560 | 2025-12-09 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Webilia Inc. Listdom listdom allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Listdom: from n/a through <= 5.0.1. | |||||
| CVE-2025-67540 | 2025-12-09 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through <= 2.4.5. | |||||
| CVE-2025-42891 | 2025-12-09 | N/A | 5.5 MEDIUM | ||
| Due to a missing authorization check in SAP Enterprise Search for ABAP, an attacker with high privileges may read and export the contents of database tables into an ABAP report. This could lead to a high impact on data confidentiality and a low impact on data integrity. There is no impact on application's availability. | |||||
| CVE-2025-63067 | 2025-12-09 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in p-themes Porto Theme - Functionality porto-functionality allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Porto Theme - Functionality: from n/a through <= 3.6.2. | |||||
| CVE-2025-63056 | 2025-12-09 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in bestwebsoft Contact Form by BestWebSoft contact-form-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by BestWebSoft: from n/a through <= 4.3.5. | |||||
| CVE-2025-63063 | 2025-12-09 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Yandex Metrika Yandex.Metrica wp-yandex-metrika allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yandex.Metrica: from n/a through <= 1.2.2. | |||||
| CVE-2025-63047 | 2025-12-09 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through <= 2.9.9. | |||||