Total
4661 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-13447 | 1 Thimpress | 1 Wp Hotel Booking | 2025-01-24 | N/A | 4.3 MEDIUM |
| The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hotel_booking_load_order_user AJAX action in all versions up to, and including, 2.1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve a list of registered user emails. | |||||
| CVE-2024-13361 | 1 Aipower | 1 Aipower | 2025-01-24 | N/A | 6.3 MEDIUM |
| The AI Power: Complete AI Pack plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpaicg_save_image_media function in all versions up to, and including, 1.8.96. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload image files and embed shortcode attributes in the image_alt value that will execute when sending a POST request to the attachment page. | |||||
| CVE-2025-24751 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in GoDaddy CoBlocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CoBlocks: from n/a through 3.1.13. | |||||
| CVE-2025-24750 | 2025-01-24 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in ExactMetrics ExactMetrics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ExactMetrics: from n/a through 8.1.0. | |||||
| CVE-2025-24736 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Post Duplicator: from n/a through 2.35. | |||||
| CVE-2025-24725 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ThimPress Thim Elementor Kit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thim Elementor Kit: from n/a through 1.2.8. | |||||
| CVE-2025-24705 | 2025-01-24 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Arshid WooCommerce Quick View allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Quick View: from n/a through 1.1.1. | |||||
| CVE-2025-24693 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Yehi Advanced Notifications allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced Notifications: from n/a through 1.2.7. | |||||
| CVE-2025-24691 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Gagan Sandhu , Enej Bajgoric , CTLT DEV, UBC People Lists allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects People Lists: from n/a through 1.3.10. | |||||
| CVE-2025-24682 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in mikemmx Super Block Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Super Block Slider: from n/a through 2.7.9. | |||||
| CVE-2025-24679 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in webraketen Internal Links Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Internal Links Manager: from n/a through 2.5.2. | |||||
| CVE-2025-24652 | 2025-01-24 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Revmakx WP Duplicate – WordPress Migration Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Duplicate – WordPress Migration Plugin: from n/a through 1.1.6. | |||||
| CVE-2025-24649 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in wpase.com Admin and Site Enhancements (ASE) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Admin and Site Enhancements (ASE): from n/a through 7.6.2. | |||||
| CVE-2025-24625 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Marco Almeida | Webdados Taxonomy/Term and Role based Discounts for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Taxonomy/Term and Role based Discounts for WooCommerce: from n/a through 5.1. | |||||
| CVE-2025-24618 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ElementInvader ElementInvader Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ElementInvader Addons for Elementor: from n/a through 1.3.1. | |||||
| CVE-2025-24613 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Foliovision FV Thoughtful Comments allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects FV Thoughtful Comments: from n/a through 0.3.5. | |||||
| CVE-2025-24604 | 2025-01-24 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Vikas Ratudi VForm allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects VForm: from n/a through 3.0.5. | |||||
| CVE-2025-24594 | 2025-01-24 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Speedcomp Linet ERP-Woocommerce Integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Linet ERP-Woocommerce Integration: from n/a through 3.5.7. | |||||
| CVE-2025-24591 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in NinjaTeam GDPR CCPA Compliance Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GDPR CCPA Compliance Support: from n/a through 2.7.1. | |||||
| CVE-2025-24589 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in JS Morisset JSM Show Post Metadata allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JSM Show Post Metadata: from n/a through 4.6.0. | |||||