Total
347360 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-39624 | 2026-04-29 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in kutethemes Biolife biolife allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Biolife: from n/a through <= 3.2.3. | |||||
| CVE-2026-39616 | 2026-04-29 | N/A | 5.3 MEDIUM | ||
| Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments download-attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Attachments: from n/a through <= 1.4.0. | |||||
| CVE-2026-39614 | 2026-04-29 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in ilGhera JW Player for WordPress jw-player-7-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JW Player for WordPress: from n/a through <= 2.3.6. | |||||
| CVE-2026-39612 | 2026-04-29 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in kutethemes KuteShop kuteshop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KuteShop: from n/a through <= 4.2.9. | |||||
| CVE-2026-39609 | 2026-04-29 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Wava.co Wava Payment wava-payment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wava Payment: from n/a through <= 0.3.7. | |||||
| CVE-2026-39605 | 2026-04-29 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through <= 1.1. | |||||
| CVE-2026-39602 | 2026-04-29 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a through <= 3.4.3. | |||||
| CVE-2026-39592 | 2026-04-29 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Andy Ha DEPART depart-deposit-and-part-payment-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DEPART: from n/a through <= 1.0.7. | |||||
| CVE-2026-39585 | 2026-04-29 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Arraytics Booktics booktics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booktics: from n/a through <= 1.0.16. | |||||
| CVE-2026-39572 | 2026-04-29 | N/A | 4.3 MEDIUM | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Retrieve Embedded Sensitive Data.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through < 5.6.5. | |||||
| CVE-2026-39566 | 2026-04-29 | N/A | 4.3 MEDIUM | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through <= 3.6.26. | |||||
| CVE-2026-39565 | 2026-04-29 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in magepeopleteam WpTravelly tour-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpTravelly: from n/a through <= 2.1.7. | |||||
| CVE-2026-39563 | 2026-04-29 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share This Image: from n/a through <= 2.12. | |||||
| CVE-2026-39561 | 2026-04-29 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Chill Revive.so revive-so allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive.so: from n/a through <= 2.0.7. | |||||
| CVE-2026-39535 | 2026-04-29 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display Eventbrite Events: from n/a through <= 6.5.6. | |||||
| CVE-2026-39520 | 2026-04-29 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in weDevs weDocs wedocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weDocs: from n/a through <= 2.1.18. | |||||
| CVE-2026-39510 | 2026-04-29 | N/A | 2.7 LOW | ||
| Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.11. | |||||
| CVE-2026-39506 | 2026-04-29 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Jordy Meow AI Engine (Pro) ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine (Pro): from n/a through < 3.4.2. | |||||
| CVE-2026-39504 | 2026-04-29 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through <= 0.1.2.5. | |||||
| CVE-2026-39488 | 2026-04-29 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through <= 4.0.2. | |||||