Total
5133 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-30767 | 2025-03-27 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in add-ons.org PDF for WPForms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF for WPForms: from n/a through 5.3.0. | |||||
| CVE-2025-30790 | 2025-03-27 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in alexvtn Chatbox Manager allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Chatbox Manager: from n/a through 1.2.2. | |||||
| CVE-2025-30772 | 2025-03-27 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in WPClever WPC Smart Upsell Funnel for WooCommerce allows Privilege Escalation. This issue affects WPC Smart Upsell Funnel for WooCommerce: from n/a through 3.0.4. | |||||
| CVE-2025-24972 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Discourse is an open-source discussion platform. Prior to versions `3.3.4` on the `stable` branch and `3.4.0.beta5` on the `beta` branch, in specific circumstances, users could be added to group direct messages despite disabling direct messaging in their preferences. Versions `3.3.4` and `3.4.0.beta5` contain a patch for the issue. A workaround is available. If a user disables chat in their preferences then they cannot be added to new group chats. | |||||
| CVE-2025-30866 | 2025-03-27 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Giannis Kipouros Terms & Conditions Per Product allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Terms & Conditions Per Product: from n/a through 1.2.15. | |||||
| CVE-2025-30830 | 2025-03-27 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Hossni Mubarak Cool Author Box allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cool Author Box: from n/a through 2.9.9. | |||||
| CVE-2025-30896 | 2025-03-27 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in weDevs WP ERP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP ERP: from n/a through 1.13.4. | |||||
| CVE-2025-30881 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ThemeHunk Big Store allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Big Store: from n/a through 2.0.8. | |||||
| CVE-2025-30864 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in falselight Exchange Rates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Exchange Rates: from n/a through 1.2.2. | |||||
| CVE-2025-30883 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in richplugins Trust.Reviews allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trust.Reviews: from n/a through 2.3. | |||||
| CVE-2025-30821 | 2025-03-27 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in otacke SNORDIAN's H5PxAPIkatchu allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects SNORDIAN's H5PxAPIkatchu: from n/a through 0.4.14. | |||||
| CVE-2025-22647 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in smackcoders AIO Performance Profiler, Monitor, Optimize, Compress & Debug allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO Performance Profiler, Monitor, Optimize, Compress & Debug: from n/a through 1.2. | |||||
| CVE-2025-30877 | 2025-03-27 | N/A | 2.7 LOW | ||
| Missing Authorization vulnerability in fatcatapps Quiz Cat allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Quiz Cat: from n/a through 3.0.8. | |||||
| CVE-2025-22667 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Creative Werk Designs Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets.This issue affects Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets: from n/a through 1.8.2. | |||||
| CVE-2025-30851 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Tickera Tickera allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tickera: from n/a through 3.5.5.2. | |||||
| CVE-2025-30874 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Jose Specific Content For Mobile allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specific Content For Mobile: from n/a through 0.5.3. | |||||
| CVE-2025-22671 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Leap13 Disable Elementor Editor Translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Disable Elementor Editor Translation: from n/a through 1.0.2. | |||||
| CVE-2025-22770 | 2025-03-27 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in EnvoThemes Envo Multipurpose allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Multipurpose: from n/a through 1.1.6. | |||||
| CVE-2025-30828 | 2025-03-27 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.29. | |||||
| CVE-2025-30909 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Conversios Conversios.io allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Conversios.io: from n/a through 7.2.3. | |||||