Total
6462 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-66140 | 2026-01-27 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in merkulove Uper for Elementor uper-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uper for Elementor: from n/a through <= 1.0.5. | |||||
| CVE-2026-23683 | 2026-01-27 | N/A | 4.3 MEDIUM | ||
| SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted. | |||||
| CVE-2025-14971 | 2026-01-27 | N/A | 5.3 MEDIUM | ||
| The Link Invoice Payment for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createPartialPayment and cancelPartialPayment functions in all versions up to, and including, 2.8.0. This makes it possible for unauthenticated attackers to create partial payments on any order or cancel any existing partial payment via ID enumeration. | |||||
| CVE-2026-24534 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booter: from n/a through <= 1.5.7. | |||||
| CVE-2026-24532 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in SiteLock SiteLock Security sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security: from n/a through <= 5.0.2. | |||||
| CVE-2026-24524 | 2026-01-26 | N/A | 8.1 HIGH | ||
| Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.1.35.2. | |||||
| CVE-2025-66138 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in merkulove Motionger for Elementor motionger-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Motionger for Elementor: from n/a through <= 2.0.4. | |||||
| CVE-2025-66137 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in merkulove Searcher for Elementor searcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Searcher for Elementor: from n/a through <= 1.0.3. | |||||
| CVE-2025-66136 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in merkulove Carter for Elementor carter-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Carter for Elementor: from n/a through <= 1.0.2. | |||||
| CVE-2025-66135 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in merkulove Imager for Elementor imager-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Imager for Elementor: from n/a through <= 2.0.4. | |||||
| CVE-2025-63018 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in wproyal Bard bard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bard: from n/a through <= 2.229. | |||||
| CVE-2025-62754 | 2026-01-26 | N/A | 9.1 CRITICAL | ||
| Missing Authorization vulnerability in Kapil Paul Payment Gateway bKash for WC woo-payment-bkash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway bKash for WC: from n/a through <= 3.1.0. | |||||
| CVE-2025-62106 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through <= 3.4.5. | |||||
| CVE-2025-5805 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in Ninetheme Electron electron allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Electron: from n/a through <= 1.8.2. | |||||
| CVE-2025-54002 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through <= 1.2.9.4. | |||||
| CVE-2025-49375 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in cozythemes HomeLancer homelancer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HomeLancer: from n/a through <= 1.0.1. | |||||
| CVE-2026-24566 | 2026-01-26 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in iNET iNET Webkit inet-webkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iNET Webkit: from n/a through <= 1.2.4. | |||||
| CVE-2025-69193 | 2026-01-26 | N/A | 7.3 HIGH | ||
| Missing Authorization vulnerability in e-plugins WP Membership wp-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Membership: from n/a through <= 1.6.4. | |||||
| CVE-2025-69192 | 2026-01-26 | N/A | 7.3 HIGH | ||
| Missing Authorization vulnerability in e-plugins Real Estate Pro real-estate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real Estate Pro: from n/a through <= 2.1.5. | |||||
| CVE-2025-69191 | 2026-01-26 | N/A | 7.3 HIGH | ||
| Missing Authorization vulnerability in e-plugins ListingHub listinghub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingHub: from n/a through <= 1.2.7. | |||||