Total
4922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-24725 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ThimPress Thim Elementor Kit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thim Elementor Kit: from n/a through 1.2.8. | |||||
| CVE-2025-24705 | 2025-01-24 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Arshid WooCommerce Quick View allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Quick View: from n/a through 1.1.1. | |||||
| CVE-2025-24693 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Yehi Advanced Notifications allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced Notifications: from n/a through 1.2.7. | |||||
| CVE-2025-24691 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Gagan Sandhu , Enej Bajgoric , CTLT DEV, UBC People Lists allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects People Lists: from n/a through 1.3.10. | |||||
| CVE-2025-24682 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in mikemmx Super Block Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Super Block Slider: from n/a through 2.7.9. | |||||
| CVE-2025-24679 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in webraketen Internal Links Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Internal Links Manager: from n/a through 2.5.2. | |||||
| CVE-2025-24652 | 2025-01-24 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Revmakx WP Duplicate – WordPress Migration Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Duplicate – WordPress Migration Plugin: from n/a through 1.1.6. | |||||
| CVE-2025-24649 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in wpase.com Admin and Site Enhancements (ASE) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Admin and Site Enhancements (ASE): from n/a through 7.6.2. | |||||
| CVE-2025-24625 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Marco Almeida | Webdados Taxonomy/Term and Role based Discounts for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Taxonomy/Term and Role based Discounts for WooCommerce: from n/a through 5.1. | |||||
| CVE-2025-24618 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ElementInvader ElementInvader Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ElementInvader Addons for Elementor: from n/a through 1.3.1. | |||||
| CVE-2025-24613 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Foliovision FV Thoughtful Comments allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects FV Thoughtful Comments: from n/a through 0.3.5. | |||||
| CVE-2025-24604 | 2025-01-24 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Vikas Ratudi VForm allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects VForm: from n/a through 3.0.5. | |||||
| CVE-2025-24594 | 2025-01-24 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Speedcomp Linet ERP-Woocommerce Integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Linet ERP-Woocommerce Integration: from n/a through 3.5.7. | |||||
| CVE-2025-24591 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in NinjaTeam GDPR CCPA Compliance Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GDPR CCPA Compliance Support: from n/a through 2.7.1. | |||||
| CVE-2025-24589 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in JS Morisset JSM Show Post Metadata allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JSM Show Post Metadata: from n/a through 4.6.0. | |||||
| CVE-2025-24588 | 2025-01-24 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Patreon Patreon WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Patreon WordPress: from n/a through 1.9.1. | |||||
| CVE-2025-24580 | 2025-01-24 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Code for Recovery 12 Step Meeting List allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 12 Step Meeting List: from n/a through 3.16.5. | |||||
| CVE-2025-24571 | 2025-01-24 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Epsiloncool WP Fast Total Search allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Fast Total Search: from n/a through 1.78.258. | |||||
| CVE-2024-12879 | 1 Quantumcloud | 1 Wpot | 2025-01-24 | N/A | 4.3 MEDIUM |
| The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'qc_wp_latest_update_check_pro' function in all versions up to, and including, 13.5.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create Simple Text Responses to chat queries. | |||||
| CVE-2024-4223 | 1 Themeum | 1 Tutor Lms | 2025-01-24 | N/A | 9.8 CRITICAL |
| The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data. | |||||