Total
5093 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-49990 | 2025-06-23 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in contentstudio ContentStudio allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects ContentStudio: from n/a through 1.3.4. | |||||
| CVE-2025-49982 | 2025-06-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in aguilatechnologies WP Customer Area allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Customer Area: from n/a through 8.2.5. | |||||
| CVE-2025-49981 | 2025-06-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in mahabub81 User Roles and Capabilities allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects User Roles and Capabilities: from n/a through 1.2.6. | |||||
| CVE-2025-49987 | 2025-06-23 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in WPFactory CRM ERP Business Solution allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CRM ERP Business Solution: from n/a through 1.13. | |||||
| CVE-2025-50034 | 2025-06-23 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Mahmudul Hasan Arif Enhanced Blocks – Page Builder Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Enhanced Blocks – Page Builder Blocks for Gutenberg: from n/a through 1.4.1. | |||||
| CVE-2025-50008 | 2025-06-23 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in cscode WooCommerce Manager – Customize and Control Cart page, Add to Cart button, Checkout fields easily allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Manager – Customize and Control Cart page, Add to Cart button, Checkout fields easily: from n/a through 1.2.4.5. | |||||
| CVE-2025-49971 | 2025-06-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in aThemeArt Translations eDS Responsive Menu allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects eDS Responsive Menu: from n/a through 1.2. | |||||
| CVE-2025-49996 | 2025-06-23 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 7.8. | |||||
| CVE-2025-49973 | 2025-06-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in GrandPlugins Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes: from n/a through 1.0.9. | |||||
| CVE-2025-49997 | 2025-06-23 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Syed Balkhi Giveaways and Contests by RafflePress allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Giveaways and Contests by RafflePress: from n/a through 1.12.17. | |||||
| CVE-2025-49969 | 2025-06-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zara 4 Image Compression: from n/a through 1.2.17.2. | |||||
| CVE-2025-49991 | 2025-06-23 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in tggfref WP-Recall allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-Recall: from n/a through 16.26.14. | |||||
| CVE-2025-49986 | 2025-06-23 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in thanhtungtnt Video List Manager allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Video List Manager: from n/a through 1.7. | |||||
| CVE-2025-49988 | 2025-06-23 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Renzo Contact Form 7 AWeber Extension allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Contact Form 7 AWeber Extension: from n/a through 0.1.38. | |||||
| CVE-2025-49998 | 2025-06-23 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Wetail WooCommerce Fortnox Integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Fortnox Integration: from n/a through 4.5.5. | |||||
| CVE-2025-5121 | 2025-06-23 | N/A | 8.5 HIGH | ||
| An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.4 and 18.0 before 18.0.2. A missing authorization check may have allowed compliance frameworks to be applied to projects outside the compliance framework's group. | |||||
| CVE-2023-5600 | 2025-06-23 | N/A | 3.1 LOW | ||
| An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. Arbitrary access to the titles of an private specific references could be leaked through the service-desk custom email template. | |||||
| CVE-2024-53591 | 1 Seclore | 1 Seclore | 2025-06-23 | N/A | 9.8 CRITICAL |
| An issue in the login page of Seclore v3.27.5.0 allows attackers to bypass authentication via a brute force attack. | |||||
| CVE-2024-0236 | 1 Myeventon | 1 Eventon | 2025-06-20 | N/A | 5.3 MEDIUM |
| The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set (for example for Zoom) | |||||
| CVE-2024-0235 | 1 Myeventon | 1 Eventon | 2025-06-20 | N/A | 5.3 MEDIUM |
| The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog | |||||