Total
7117 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69052 | 2 Fmeaddons, Wordpress | 2 Registration And Login With Mobile Phone Number For Woocommerce, Wordpress | 2026-01-27 | 9.8 Critical |
| Missing Authorization vulnerability in FmeAddons Registration & Login with Mobile Phone Number for WooCommerce registration-login-with-mobile-phone-number allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Registration & Login with Mobile Phone Number for WooCommerce: from n/a through <= 1.3.1. | ||||
| CVE-2025-66140 | 2 Merkulove, Wordpress | 2 Uper For Elementor, Wordpress | 2026-01-27 | 5.4 Medium |
| Missing Authorization vulnerability in merkulove Uper for Elementor uper-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uper for Elementor: from n/a through <= 1.0.5. | ||||
| CVE-2025-58938 | 2 Themeatelier, Wordpress | 2 Idonate, Wordpress | 2026-01-27 | 7.6 High |
| Missing Authorization vulnerability in ThemeAtelier IDonatePro idonate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonatePro: from n/a through <= 2.1.9. | ||||
| CVE-2026-24534 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booter: from n/a through <= 1.5.7. | ||||
| CVE-2026-24524 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 8.1 High |
| Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.1.35.2. | ||||
| CVE-2025-66138 | 2 Merkulove, Wordpress | 2 Motionger For Elementor, Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in merkulove Motionger for Elementor motionger-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Motionger for Elementor: from n/a through <= 2.0.4. | ||||
| CVE-2025-66137 | 2 Merkulove, Wordpress | 2 Searcher For Elementor, Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in merkulove Searcher for Elementor searcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Searcher for Elementor: from n/a through <= 1.0.3. | ||||
| CVE-2025-66136 | 2 Merkulove, Wordpress | 2 Carter For Elementor, Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in merkulove Carter for Elementor carter-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Carter for Elementor: from n/a through <= 1.0.2. | ||||
| CVE-2025-66135 | 2 Merkulove, Wordpress | 2 Imager For Elementor, Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in merkulove Imager for Elementor imager-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Imager for Elementor: from n/a through <= 2.0.4. | ||||
| CVE-2025-63018 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in wproyal Bard bard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bard: from n/a through <= 2.229. | ||||
| CVE-2025-62754 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 9.1 Critical |
| Missing Authorization vulnerability in Kapil Paul Payment Gateway bKash for WC woo-payment-bkash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway bKash for WC: from n/a through <= 3.1.0. | ||||
| CVE-2025-62106 | 2 Mario Peshev, Wordpress | 2 Wp-crm-system, Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through <= 3.4.5. | ||||
| CVE-2025-5805 | 2 Ninetheme, Wordpress | 2 Electron, Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in Ninetheme Electron electron allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Electron: from n/a through <= 1.8.2. | ||||
| CVE-2025-54002 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through <= 1.2.9.4. | ||||
| CVE-2025-49375 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in cozythemes HomeLancer homelancer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HomeLancer: from n/a through <= 1.0.1. | ||||
| CVE-2026-24566 | 2 Inet, Wordpress | 2 Inet Webkit, Wordpress | 2026-01-26 | 6.5 Medium |
| Missing Authorization vulnerability in iNET iNET Webkit inet-webkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iNET Webkit: from n/a through <= 1.2.4. | ||||
| CVE-2025-69193 | 2 E-plugins, Wordpress | 2 Wp Membership, Wordpress | 2026-01-26 | 7.3 High |
| Missing Authorization vulnerability in e-plugins WP Membership wp-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Membership: from n/a through <= 1.6.4. | ||||
| CVE-2025-69192 | 2 E-plugins, Wordpress | 2 Real Estate Pro, Wordpress | 2026-01-26 | 7.3 High |
| Missing Authorization vulnerability in e-plugins Real Estate Pro real-estate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real Estate Pro: from n/a through <= 2.1.5. | ||||
| CVE-2025-69191 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 7.3 High |
| Missing Authorization vulnerability in e-plugins ListingHub listinghub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingHub: from n/a through <= 1.2.7. | ||||
| CVE-2026-24567 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 4.3 Medium |
| Missing Authorization vulnerability in briarinc Anything Order by Terms anything-order-by-terms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Anything Order by Terms: from n/a through <= 1.4.0. | ||||