Total
4937 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-23773 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in mingocommerce Delete All Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Delete All Posts: from n/a through 1.1.1. | |||||
| CVE-2025-24581 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Themefic Instantio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Instantio: from n/a through 3.3.7. | |||||
| CVE-2025-31338 | 2025-04-17 | N/A | N/A | ||
| A missing authorization vulnerability in the retrieve teacher Information function of Wisdom Master Pro versions 5.0 through 5.2 allows remote attackers to obtain partial user data by accessing the API functionality. | |||||
| CVE-2025-23906 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in wpseek WordPress Dashboard Tweeter allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Dashboard Tweeter: from n/a through 1.3.2. | |||||
| CVE-2025-39457 | 2025-04-17 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Booking and Rental Manager: from n/a through 2.2.8. | |||||
| CVE-2025-39559 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Eivin Landa Bring Fraktguiden for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bring Fraktguiden for WooCommerce: from n/a through 1.11.4. | |||||
| CVE-2025-39533 | 2025-04-17 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in Starfish Reviews Starfish Review Generation & Marketing allows Privilege Escalation. This issue affects Starfish Review Generation & Marketing: from n/a through 3.1.14. | |||||
| CVE-2025-32593 | 2025-04-17 | N/A | 8.2 HIGH | ||
| Missing Authorization vulnerability in Bytes Technolab Add Product Frontend for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Add Product Frontend for WooCommerce: from n/a through 1.0.6. | |||||
| CVE-2025-32620 | 2025-04-17 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in fromdoppler Doppler Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Doppler Forms: from n/a through 2.4.5. | |||||
| CVE-2025-39456 | 2025-04-17 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in iTRON WP Logger allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Logger: from n/a through 2.2. | |||||
| CVE-2025-32544 | 2025-04-17 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in The Right Software WooCommerce Loyal Customers allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WooCommerce Loyal Customers: from n/a through 2.6. | |||||
| CVE-2025-39583 | 2025-04-17 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in berthaai BERTHA AI allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BERTHA AI: from n/a through 1.12.10.2. | |||||
| CVE-2025-39532 | 2025-04-17 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in spicethemes Spice Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Spice Blocks: from n/a through 2.0.7.1. | |||||
| CVE-2025-39580 | 2025-04-17 | N/A | 5.8 MEDIUM | ||
| Missing Authorization vulnerability in jidaikobo Dashi allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dashi: from n/a through 3.1.8. | |||||
| CVE-2025-39554 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Elliot Sowersby / RelyWP AI Text to Speech allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AI Text to Speech: from n/a through 3.0.3. | |||||
| CVE-2023-47458 | 1 Bladex | 1 Springblade | 2025-04-17 | N/A | 9.8 CRITICAL |
| An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework. | |||||
| CVE-2023-6383 | 1 Bowo | 1 Debug Log Manager | 2025-04-17 | N/A | 7.5 HIGH |
| The Debug Log Manager WordPress plugin before 2.3.0 contains a Directory listing vulnerability was discovered, which allows you to download the debug log without authorization and gain access to sensitive data | |||||
| CVE-2022-26423 | 1 Aethon | 1 Tug Home Base Server | 2025-04-17 | N/A | 8.2 HIGH |
| Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials. | |||||
| CVE-2022-1070 | 1 Aethon | 1 Tug Home Base Server | 2025-04-17 | N/A | 8.2 HIGH |
| Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials. | |||||
| CVE-2022-1066 | 1 Aethon | 1 Tug Home Base Server | 2025-04-17 | N/A | 8.2 HIGH |
| Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials. | |||||