Total
5646 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-31887 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in zookatron MyBookProgress by Stormhill Media allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MyBookProgress by Stormhill Media: from n/a through 1.0.8. | |||||
| CVE-2025-31862 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in PickPlugins Job Board Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Job Board Manager: from n/a through 2.1.60. | |||||
| CVE-2025-31866 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Ship Depot ShipDepot for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ShipDepot for WooCommerce: from n/a through 1.2.19. | |||||
| CVE-2025-31810 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in PickPlugins Question Answer allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Question Answer: from n/a through 1.2.70. | |||||
| CVE-2025-31820 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Automatic Featured Images from Videos: from n/a through 1.2.4. | |||||
| CVE-2025-31878 | 2025-04-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code Generator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects UPC/EAN/GTIN Code Generator: from n/a through 2.0.2. | |||||
| CVE-2025-31872 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Galaxy Weblinks WP Clone any post type allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Clone any post type: from n/a through 3.4. | |||||
| CVE-2025-31881 | 2025-04-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Stylemix Pearl allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Pearl: from n/a through 1.3.9. | |||||
| CVE-2025-31799 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in publitio Publitio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Publitio: from n/a through 2.1.8. | |||||
| CVE-2025-31831 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Team AtomChat AtomChat allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AtomChat: from n/a through 1.1.6. | |||||
| CVE-2025-31826 | 2025-04-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ni WooCommerce Cost Of Goods: from n/a through 3.2.8. | |||||
| CVE-2025-31870 | 2025-04-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in EXEIdeas International WP AutoKeyword allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP AutoKeyword: from n/a through 1.0. | |||||
| CVE-2025-31868 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Job Manager: from n/a through 2.0.2. | |||||
| CVE-2025-31830 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Uriahs Victor Printus allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Printus: from n/a through 1.2.6. | |||||
| CVE-2025-31856 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in brainvireinfo Export All Post Meta allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Export All Post Meta: from n/a through 1.2.1. | |||||
| CVE-2025-31848 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in WPFactory WordPress Adverts Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Adverts Plugin: from n/a through 1.4. | |||||
| CVE-2025-31846 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Theater for WordPress: from n/a through 0.18.7. | |||||
| CVE-2025-2589 | 1 Code-projects | 1 Human Resource Management | 2025-04-01 | 5.2 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in code-projects Human Resource Management System 1.0.1 and classified as critical. This issue affects the function Index of the file \handler\Account.go. The manipulation of the argument user_cookie leads to improper authorization. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-24459 | 1 Jenkins | 1 Bearychat | 2025-04-01 | N/A | 6.5 MEDIUM |
| A missing permission check in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | |||||
| CVE-2024-28155 | 1 Jenkins | 1 Appspider | 2025-03-29 | N/A | 4.3 MEDIUM |
| Jenkins AppSpider Plugin 1.0.16 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to obtain information about available scan config names, engine group names, and client names. | |||||