Total
5540 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-49961 | 2025-10-23 | N/A | 6.3 MEDIUM | ||
| Missing Authorization vulnerability in Breeze Team Breeze Checkout breeze-checkout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze Checkout: from n/a through <= 1.4.0. | |||||
| CVE-2025-49950 | 2025-10-23 | N/A | 7.3 HIGH | ||
| Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows Privilege Escalation.This issue affects Official Integration for Billingo: from n/a through <= 4.2.5. | |||||
| CVE-2025-49949 | 2025-10-23 | N/A | 5.5 MEDIUM | ||
| Missing Authorization vulnerability in templazee Templazee templazee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templazee: from n/a through <= 1.0.2. | |||||
| CVE-2025-49925 | 2025-10-23 | N/A | 7.3 HIGH | ||
| Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through <= 1.9.9.7. | |||||
| CVE-2025-49922 | 2025-10-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPeMatico RSS Feed Fetcher: from n/a through <= 2.8.3. | |||||
| CVE-2025-53424 | 2025-10-23 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in vanquish WooCommerce Orders & Customers Exporter woocommerce-orders-ei allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Orders & Customers Exporter: from n/a through <= 5.4. | |||||
| CVE-2025-53421 | 2025-10-23 | N/A | 6.3 MEDIUM | ||
| Missing Authorization vulnerability in PickPlugins Accordion accordions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion: from n/a through <= 2.3.14. | |||||
| CVE-2025-53236 | 2025-10-23 | N/A | 6.3 MEDIUM | ||
| Missing Authorization vulnerability in AndonDesign UDesign Core u-design-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UDesign Core: from n/a through <= 4.14.0. | |||||
| CVE-2025-62048 | 2025-10-23 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform SmartCrawl smartcrawl-seo.This issue affects SmartCrawl: from n/a through <= 3.14.3. | |||||
| CVE-2025-62027 | 2025-10-23 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in StellarWP Event Tickets event-tickets.This issue affects Event Tickets: from n/a through <= 5.26.3. | |||||
| CVE-2025-62022 | 2025-10-23 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in BuddyPress BuddyPress buddypress.This issue affects BuddyPress: from n/a through <= 14.3.4. | |||||
| CVE-2025-49907 | 2025-10-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through <= 1.3.3.9. | |||||
| CVE-2025-30944 | 2025-10-23 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Essekia Tablesome Table Premium tablesome-premium allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Tablesome Table Premium: from n/a through <= 1.1.23. | |||||
| CVE-2025-62052 | 2025-10-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Horea Radu One Page Express Companion one-page-express-companion.This issue affects One Page Express Companion: from n/a through <= 1.6.43. | |||||
| CVE-2025-49937 | 2025-10-23 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smash Balloon Social Post Feed: from n/a through <= 4.3.2. | |||||
| CVE-2025-49920 | 2025-10-23 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Web Accessibility By accessiBe: from n/a through <= 2.10. | |||||
| CVE-2025-49916 | 2025-10-23 | N/A | 8.6 HIGH | ||
| Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a through <= 4.2.23. | |||||
| CVE-2025-49913 | 2025-10-23 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoSchedule: from n/a through <= 3.4.0. | |||||
| CVE-2021-30713 | 1 Apple | 2 Mac Os X, Macos | 2025-10-23 | 4.6 MEDIUM | 7.8 HIGH |
| A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited.. | |||||
| CVE-2021-30657 | 1 Apple | 2 Mac Os X, Macos | 2025-10-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.. | |||||