Export limit exceeded: 339825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (7184 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64729 | 1 Aveva | 1 Process Optimization | 2026-01-22 | 8.1 High |
| The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to tamper with Process Optimization project files, embed code, and escalate their privileges to the identity of a victim user who subsequently interacts with the project files. | ||||
| CVE-2025-39482 | 1 Imithemes | 1 Eventer | 2026-01-22 | 4.3 Medium |
| Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a before 3.11.4. | ||||
| CVE-2024-37415 | 1 E2pdf | 1 E2pdf | 2026-01-21 | 5.4 Medium |
| Missing Authorization vulnerability in E2Pdf.Com allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects e2pdf: from n/a through 1.20.27. | ||||
| CVE-2024-37440 | 2 Church Admin Project, Wordpress | 2 Church Admin, Wordpress | 2026-01-21 | 4.3 Medium |
| Missing Authorization vulnerability in Andy Moyle Church Admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Church Admin: from n/a through 4.4.4. | ||||
| CVE-2024-31281 | 2 Church Admin Project, Wordpress | 2 Church Admin, Wordpress | 2026-01-21 | 6.3 Medium |
| Missing Authorization vulnerability in Andy Moyle Church Admin church-admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Church Admin: from n/a through 4.1.6. | ||||
| CVE-2024-30505 | 2 Church Admin Project, Wordpress | 2 Church Admin, Wordpress | 2026-01-21 | 5.4 Medium |
| Missing Authorization vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.1.18. | ||||
| CVE-2025-8944 | 2 Oceanwp, Wordpress | 3 Oceanwp, Oceanwp Plugin, Wordpress | 2026-01-20 | 4.3 Medium |
| The OceanWP WordPress theme before 4.1.2 is vulnerable to an option update due to a missing capability check on one of its AJAX request handler, allowing any authenticated users, such as subscriber to update the darkMod` setting. | ||||
| CVE-2025-15235 | 2 Quanta Computer, Quantatw | 2 Qoca Aim Ai Medical Cloud Platform, Qoca Aim | 2026-01-20 | 6.5 Medium |
| QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Missing Authorization vulnerability, allowing authenticated remote attackers to modify specific network packet parameters, enabling certain system functions to access other users' files. | ||||
| CVE-2024-6845 | 2 Smartsearchwp, Webdigit | 2 Chatbot With Chatgpt Wordpress, Chatbot With Chatgpt | 2026-01-20 | 5.3 Medium |
| The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one of its REST endpoint, allowing unauthenticated users to retrieve the encoded key and then decode it, thereby leaking the OpenAI API key | ||||
| CVE-2025-49925 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-01-20 | 7.3 High |
| Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through <= 1.9.9.7. | ||||
| CVE-2025-49922 | 2 Etruel, Wordpress | 2 Wpematico Rss Feed Fetcher, Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPeMatico RSS Feed Fetcher: from n/a through <= 2.8.3. | ||||
| CVE-2026-0676 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 5.3 Medium |
| Missing Authorization vulnerability in G5Theme Zorka zorka allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zorka: from n/a through <= 1.5.7. | ||||
| CVE-2026-0674 | 2 Campaign Monitor, Wordpress | 2 For Wordpress, Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in Campaign Monitor Campaign Monitor for WordPress forms-for-campaign-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Campaign Monitor for WordPress: from n/a through <= 2.9.0. | ||||
| CVE-2025-69364 | 2 Cloudways, Wordpress | 2 Breeze, Wordpress | 2026-01-20 | 5.3 Medium |
| Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through <= 2.2.21. | ||||
| CVE-2025-69363 | 2 Cyberchimps, Wordpress | 2 Responsive Addons For Elementor, Wordpress | 2026-01-20 | 6.5 Medium |
| Missing Authorization vulnerability in CyberChimps Responsive Addons for Elementor responsive-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Addons for Elementor: from n/a through <= 2.0.8. | ||||
| CVE-2025-69361 | 2 Publishpress, Wordpress | 2 Post Expirator, Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in PublishPress Post Expirator post-expirator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Expirator: from n/a through <= 4.9.3. | ||||
| CVE-2025-69359 | 2 Wordpress, Wpfunnels | 2 Wordpress, Creator Lms | 2026-01-20 | 5.3 Medium |
| Missing Authorization vulnerability in WPFunnels Creator LMS creatorlms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Creator LMS: from n/a through <= 1.1.12. | ||||
| CVE-2025-69355 | 2 Tickera, Wordpress | 2 Tickera, Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through <= 3.5.6.4. | ||||
| CVE-2025-69354 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 5.4 Medium |
| Missing Authorization vulnerability in BBR Plugins Better Business Reviews better-business-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Business Reviews: from n/a through <= 0.1.1. | ||||
| CVE-2025-69353 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 5.4 Medium |
| Missing Authorization vulnerability in Proxy & VPN Blocker Proxy & VPN Blocker proxy-vpn-blocker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Proxy & VPN Blocker: from n/a through <= 3.5.3. | ||||