Total
7469 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-25308 | 2026-02-19 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in wp.insider Simple Membership simple-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Membership: from n/a through <= 4.6.9. | |||||
| CVE-2026-25003 | 2026-02-19 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in madalin.ungureanu Client Portal client-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Portal: from n/a through <= 1.2.1. | |||||
| CVE-2026-25000 | 2026-02-19 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Kraft Plugins Wheel of Life wheel-of-life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through <= 1.2.0. | |||||
| CVE-2026-24999 | 2026-02-19 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Alma Alma alma-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Alma: from n/a through <= 5.16.1. | |||||
| CVE-2026-24375 | 2026-02-19 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Swings Ultimate Gift Cards For WooCommerce woo-gift-cards-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Gift Cards For WooCommerce: from n/a through <= 3.2.4. | |||||
| CVE-2026-23804 | 2026-02-19 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in BBR Plugins Better Business Reviews better-business-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Business Reviews: from n/a through <= 0.1.1. | |||||
| CVE-2026-1355 | 1 Github | 1 Enterprise Server | 2026-02-19 | N/A | 6.5 MEDIUM |
| A Missing Authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to upload unauthorized content to another user’s repository migration export due to a missing authorization check in the repository migration upload endpoint. By supplying the migration identifier, an attacker could overwrite or replace a victim’s migration archive, potentially causing victims to download attacker-controlled repository data during migration restores or automated imports. An attacker would require authentication to the victim's GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.20 and was fixed in versions 3.19.2, 3.18.5, 3.17.11, 3.16.14, 3.15.18, 3.14.23. This vulnerability was reported via the GitHub Bug Bounty program. | |||||
| CVE-2026-25410 | 2026-02-19 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in tstephenson WP-CORS wp-cors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CORS: from n/a through <= 0.2.2. | |||||
| CVE-2026-25374 | 2026-02-19 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in raratheme Spa and Salon spa-and-salon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spa and Salon: from n/a through <= 1.3.2. | |||||
| CVE-2026-25367 | 2026-02-19 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in NooTheme CitiLights noo-citilights allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CitiLights: from n/a through < 3.7.2. | |||||
| CVE-2026-25335 | 2026-02-19 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 5.0.0. | |||||
| CVE-2026-25332 | 2026-02-19 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through <= 2.2.9. | |||||
| CVE-2026-25320 | 2026-02-19 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Cool Plugins Elementor Contact Form DB sb-elementor-contact-form-db allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Contact Form DB: from n/a through <= 2.1.3. | |||||
| CVE-2026-25318 | 2026-02-19 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Wisernotify team WiserReview Product Reviews for WooCommerce wiser-review allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WiserReview Product Reviews for WooCommerce: from n/a through <= 2.9. | |||||
| CVE-2026-25416 | 2026-02-19 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Kit Elementor Addons: from n/a through <= 1.4.2. | |||||
| CVE-2026-25409 | 2026-02-19 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in crgeary JAMstack Deployments wp-jamstack-deployments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JAMstack Deployments: from n/a through <= 1.1.1. | |||||
| CVE-2026-25408 | 2026-02-19 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in PluginRx Broken Link Notifier broken-link-notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Notifier: from n/a through <= 1.3.5. | |||||
| CVE-2026-25407 | 2026-02-19 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in cookiebot Cookiebot cookiebot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cookiebot: from n/a through <= 4.6.4. | |||||
| CVE-2026-25402 | 2026-02-19 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in echoplugins Knowledge Base for Documentation, FAQs with AI Assistance echo-knowledge-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Knowledge Base for Documentation, FAQs with AI Assistance: from n/a through <= 16.011.0. | |||||
| CVE-2026-25399 | 2026-02-19 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in CryoutCreations Serious Slider cryout-serious-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Serious Slider: from n/a through <= 1.2.7. | |||||