Total
5660 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-60165 | 2025-09-26 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in HaruTheme Frames allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Frames: from n/a through 1.5.7. | |||||
| CVE-2025-60143 | 2025-09-26 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in netgsm Netgsm allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Netgsm: from n/a through 2.9.58. | |||||
| CVE-2025-60094 | 2025-09-26 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Benjamin Intal Stackable allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Stackable: from n/a through 3.18.1. | |||||
| CVE-2025-60097 | 2025-09-26 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in CodexThemes TheGem allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TheGem: from n/a through 5.10.5. | |||||
| CVE-2025-60155 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in loopus WP Virtual Assistant allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Virtual Assistant: from n/a through 3.0. | |||||
| CVE-2025-60106 | 2025-09-26 | N/A | 4.9 MEDIUM | ||
| Missing Authorization vulnerability in Roxnor EmailKit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EmailKit: from n/a through 1.6.0. | |||||
| CVE-2025-58919 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in guihom Wide Banner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wide Banner: from n/a through 1.0.4. | |||||
| CVE-2025-60121 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Ex-Themes WooEvents allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooEvents: from n/a through 4.1.7. | |||||
| CVE-2025-60096 | 2025-09-26 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in CodexThemes TheGem (Elementor) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TheGem (Elementor): from n/a through 5.10.5. | |||||
| CVE-2025-48326 | 2025-09-26 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Acclectic Media Acclectic Media Organizer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Acclectic Media Organizer: from n/a through 1.4. | |||||
| CVE-2025-60166 | 2025-09-26 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in wpshuffle WP Subscription Forms PRO allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Subscription Forms PRO: from n/a through 2.0.5. | |||||
| CVE-2025-60129 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Yext Yext allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Yext: from n/a through 1.1.3. | |||||
| CVE-2025-60128 | 2025-09-26 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Delicious Delisho allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Delisho: from n/a through 1.1.3. | |||||
| CVE-2025-60127 | 2025-09-26 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in ArtistScope CopySafe Web Protection allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CopySafe Web Protection: from n/a through 4.3. | |||||
| CVE-2025-60130 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in wedos.com WEDOS Global allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WEDOS Global: from n/a through 1.2.2. | |||||
| CVE-2025-54458 | 1 Mattermost | 1 Confluence | 2025-09-25 | N/A | 5.0 MEDIUM |
| Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the Confluence space which allows attackers to create a subscription for a Confluence space the user does not have access to via the create subscription endpoint. | |||||
| CVE-2025-53910 | 1 Mattermost | 1 Confluence | 2025-09-25 | N/A | 4.0 MEDIUM |
| Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to create a channel subscription without proper access to the channel via API call to the edit channel subscription endpoint. | |||||
| CVE-2025-53857 | 1 Mattermost | 1 Confluence | 2025-09-25 | N/A | 3.7 LOW |
| Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the GET autocomplete/GetChannelSubscriptions endpoint. | |||||
| CVE-2025-48731 | 1 Mattermost | 1 Confluence | 2025-09-25 | N/A | 6.4 MEDIUM |
| Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the Confluence space which allows attackers to edit a subscription for a Confluence space the user does not have access for via edit subscription endpoint. | |||||
| CVE-2025-44001 | 1 Mattermost | 1 Confluence | 2025-09-25 | N/A | 4.0 MEDIUM |
| Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the Get Channel Subscriptions details endpoint. | |||||