Total
5079 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-32776 | 1 Apppresser | 1 Apppresser | 2025-06-09 | N/A | 6.5 MEDIUM |
| Missing Authorization vulnerability in AppPresser Team AppPresser.This issue affects AppPresser: from n/a through 4.3.0. | |||||
| CVE-2024-34372 | 1 Addonmaster | 1 Post Grid Master | 2025-06-09 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in AddonMaster Post Grid Master.This issue affects Post Grid Master: from n/a through 3.4.7. | |||||
| CVE-2023-48740 | 1 Easysocialfeed | 1 Easy Social Feed | 2025-06-09 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in Easy Social Feed Easy Social Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Social Feed: from n/a through 6.5.1. | |||||
| CVE-2023-47841 | 1 Analytify | 1 Analytify - Google Analytics Dashboard | 2025-06-09 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in Analytify Analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through 5.1.1. | |||||
| CVE-2023-47832 | 1 Searchiq | 1 Searchiq | 2025-06-09 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in searchiq SearchIQ allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SearchIQ: from n/a through 4.4. | |||||
| CVE-2023-47770 | 1 Muffingroup | 1 Betheme | 2025-06-09 | N/A | 7.6 HIGH |
| Missing Authorization vulnerability in Muffin Group Betheme.This issue affects Betheme: from n/a through 27.1.1. | |||||
| CVE-2023-41953 | 1 Properfraction | 1 Profilepress | 2025-06-09 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1. | |||||
| CVE-2023-50882 | 1 Properfraction | 1 Profilepress | 2025-06-09 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfilePress: from n/a through 4.13.2. | |||||
| CVE-2023-49835 | 1 Metaphorcreations | 1 Post Duplicator | 2025-06-09 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Duplicator: from n/a through 2.31. | |||||
| CVE-2023-48774 | 1 Northernbeacheswebsites | 1 Ideapush | 2025-06-09 | N/A | 5.4 MEDIUM |
| Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a. | |||||
| CVE-2025-30897 | 1 Analytify | 1 Analytify - Google Analytics Dashboard | 2025-06-09 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in Adnan Analytify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Analytify: from n/a through 5.5.1. | |||||
| CVE-2025-24736 | 1 Metaphorcreations | 1 Post Duplicator | 2025-06-09 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Post Duplicator: from n/a through 2.35. | |||||
| CVE-2025-45854 | 1 Jehc | 1 Jehc-bpm | 2025-06-09 | N/A | 10.0 CRITICAL |
| /server/executeExec of JEHC-BPM 2.0.1 allows attackers to execute arbitrary code via execParams. | |||||
| CVE-2025-48998 | 1 Dataease | 1 Dataease | 2025-06-09 | N/A | 8.8 HIGH |
| DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass of the patch for CVE-2025-27103 allows authenticated users to read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.10. No known workarounds are available. | |||||
| CVE-2025-5521 | 1 5kcrm | 1 Wukongcrm | 2025-06-09 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability was found in WuKongOpenSource WukongCRM 9.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /system/user/updataPassword. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-5894 | 2025-06-09 | N/A | 8.8 HIGH | ||
| Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability, allowing remote attackers with regular privileges to access a specific functionality to create administrator accounts, and subsequently log into the system using those accounts. | |||||
| CVE-2025-47601 | 2025-06-09 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks allows Privilege Escalation.This issue affects MaxiBlocks: from n/a through 2.1.0. | |||||
| CVE-2025-5814 | 2025-06-09 | N/A | 5.3 MEDIUM | ||
| The Profiler – What Slowing Down Your WP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpsd_plugin_control() function in all versions up to, and including, 1.0.0. This makes it possible for unauthenticated attackers to reactivate previously deactivated plugins after accessing the "Profiler" page. | |||||
| CVE-2025-39493 | 1 Valvepress | 1 Rankie | 2025-06-06 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in ValvePress Rankie allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rankie: from n/a through 1.8.0. | |||||
| CVE-2025-39482 | 1 Imithemes | 1 Eventer | 2025-06-06 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Eventer: from n/a through 3.9.6. | |||||