Total
5660 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-30944 | 2025-10-23 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Essekia Tablesome Table Premium tablesome-premium allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Tablesome Table Premium: from n/a through <= 1.1.23. | |||||
| CVE-2025-62052 | 2025-10-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Horea Radu One Page Express Companion one-page-express-companion.This issue affects One Page Express Companion: from n/a through <= 1.6.43. | |||||
| CVE-2025-49937 | 2025-10-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smash Balloon Social Post Feed: from n/a through <= 4.3.2. | |||||
| CVE-2025-49920 | 2025-10-23 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Web Accessibility By accessiBe: from n/a through <= 2.10. | |||||
| CVE-2025-49916 | 2025-10-23 | N/A | 8.6 HIGH | ||
| Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a through <= 4.2.23. | |||||
| CVE-2025-49913 | 2025-10-23 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoSchedule: from n/a through <= 3.4.0. | |||||
| CVE-2021-30713 | 1 Apple | 2 Mac Os X, Macos | 2025-10-23 | 4.6 MEDIUM | 7.8 HIGH |
| A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited.. | |||||
| CVE-2021-30657 | 1 Apple | 2 Mac Os X, Macos | 2025-10-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.. | |||||
| CVE-2025-62073 | 2025-10-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Sovlix MeetingHub meetinghub.This issue affects MeetingHub: from n/a through <= 1.23.9. | |||||
| CVE-2025-62072 | 2025-10-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Rustaurius Front End Users front-end-only-users.This issue affects Front End Users: from n/a through <= 3.2.33. | |||||
| CVE-2025-62071 | 2025-10-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso social-testimonials-and-reviews-widget.This issue affects Social proof testimonials and reviews by Repuso: from n/a through <= 5.29. | |||||
| CVE-2025-62070 | 2025-10-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through <= 1.2.13. | |||||
| CVE-2025-49910 | 2025-10-23 | N/A | 8.2 HIGH | ||
| Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPGuppy: from n/a through <= 1.1.4. | |||||
| CVE-2025-42911 | 1 Sap | 1 Sap Basis | 2025-10-23 | N/A | 5.0 MEDIUM |
| SAP NetWeaver (Service Data Download) allows an authenticated user to call a remote-enabled function module, which could grant access to information about the SAP system and operating system. This leads to a low impact on confidentiality, with no effect on the integrity and availability of the application | |||||
| CVE-2025-42918 | 1 Sap | 1 Sap Basis | 2025-10-23 | N/A | 4.3 MEDIUM |
| SAP NetWeaver Application Server for ABAP allows authenticated users with access to background processing to gain unauthorized read access to profile parameters. This results in a low impact on confidentiality, with no impact on integrity or availability | |||||
| CVE-2025-49906 | 2025-10-22 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through <= 2.9.5.3. | |||||
| CVE-2025-49903 | 2025-10-22 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in bdthemes ZoloBlocks zoloblocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ZoloBlocks: from n/a through <= 2.3.11. | |||||
| CVE-2025-49899 | 2025-10-22 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in jjlemstra Whydonate wp-whydonate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Whydonate: from n/a through <= 4.0.15. | |||||
| CVE-2025-49377 | 2025-10-22 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Themefic Hydra Booking hydra-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hydra Booking: from n/a through <= 1.1.9. | |||||
| CVE-2025-49376 | 2025-10-22 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects DELUCKS SEO: from n/a through <= 2.5.9. | |||||