Total
5587 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-54712 | 2025-08-15 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in hashthemes Easy Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Elementor Addons: from n/a through 2.2.7. | |||||
| CVE-2025-54739 | 2025-08-15 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexter Blocks: from n/a through 4.5.4. | |||||
| CVE-2025-53341 | 2025-08-15 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Themovation Stratus allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Stratus: from n/a through 4.2.5. | |||||
| CVE-2025-55716 | 2025-08-15 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in VeronaLabs WP Statistics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Statistics: from n/a through 14.15. | |||||
| CVE-2025-53343 | 2025-08-15 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in GoodLayers Modernize allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Modernize: from n/a through 3.4.0. | |||||
| CVE-2024-12553 | 1 Geovision | 1 Gv-asmanager | 2025-08-14 | N/A | 6.5 MEDIUM |
| GeoVision GV-ASManager Missing Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of GeoVision GV-ASManager. Although authentication is required to exploit this vulnerability, default guest credentials may be used. The specific flaw exists within the GV-ASWeb service. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-25394. | |||||
| CVE-2025-49747 | 1 Microsoft | 1 Azure Machine Learning | 2025-08-14 | N/A | 9.9 CRITICAL |
| Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2025-50171 | 1 Microsoft | 3 Windows Server 2022, Windows Server 2022 23h2, Windows Server 2025 | 2025-08-14 | N/A | 9.1 CRITICAL |
| Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2025-52731 | 2025-08-14 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a through 4.0.24. | |||||
| CVE-2025-52775 | 2025-08-14 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in Ronik@UnlimitedWP Project Cost Calculator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Project Cost Calculator: from n/a through 1.0.0. | |||||
| CVE-2025-54679 | 2025-08-14 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in vertim Neon Channel Product Customizer Free allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Neon Channel Product Customizer Free: from n/a through 2.0. | |||||
| CVE-2025-30993 | 2025-08-14 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thank You Page Customizer for WooCommerce – Increase Your Sales: from n/a through 1.1.7. | |||||
| CVE-2025-50029 | 2025-08-14 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Ashish AI Tools allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AI Tools: from n/a through 4.0.7. | |||||
| CVE-2025-30639 | 2025-08-14 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in ThemeAtelier IDonatePro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects IDonatePro: from n/a through 2.1.9. | |||||
| CVE-2025-28962 | 2025-08-14 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in stefanoai Advanced Google Universal Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced Google Universal Analytics: from n/a through 1.0.3. | |||||
| CVE-2025-49052 | 2025-08-14 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Dariolee Netease Music allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Netease Music: from n/a through 3.2.1. | |||||
| CVE-2025-52801 | 2025-08-14 | N/A | 7.3 HIGH | ||
| Missing Authorization vulnerability in VonStroheim TheBooking allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects TheBooking: from n/a through 1.4.4. | |||||
| CVE-2025-54695 | 2025-08-14 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in HasTech HT Mega allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HT Mega: from n/a through 2.9.0. | |||||
| CVE-2025-52721 | 2025-08-14 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in LCweb Global Gallery allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Global Gallery: from n/a through 9.2.3. | |||||
| CVE-2025-52785 | 2025-08-14 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in softnwords SMM API allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SMM API: from n/a through 6.0.30. | |||||