Total
5660 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-13801 | 2025-03-27 | N/A | 8.1 HIGH | ||
| The BWL Advanced FAQ Manager plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'baf_set_notice_status' AJAX action in all versions up to, and including, 2.1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to '1' on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny service to legitimate users or be used to set some values to true such as registration. | |||||
| CVE-2025-30803 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Greg Ross Just Writing Statistics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Just Writing Statistics: from n/a through 5.3. | |||||
| CVE-2025-30767 | 2025-03-27 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in add-ons.org PDF for WPForms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF for WPForms: from n/a through 5.3.0. | |||||
| CVE-2025-30790 | 2025-03-27 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in alexvtn Chatbox Manager allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Chatbox Manager: from n/a through 1.2.2. | |||||
| CVE-2025-30772 | 2025-03-27 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in WPClever WPC Smart Upsell Funnel for WooCommerce allows Privilege Escalation. This issue affects WPC Smart Upsell Funnel for WooCommerce: from n/a through 3.0.4. | |||||
| CVE-2025-24972 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Discourse is an open-source discussion platform. Prior to versions `3.3.4` on the `stable` branch and `3.4.0.beta5` on the `beta` branch, in specific circumstances, users could be added to group direct messages despite disabling direct messaging in their preferences. Versions `3.3.4` and `3.4.0.beta5` contain a patch for the issue. A workaround is available. If a user disables chat in their preferences then they cannot be added to new group chats. | |||||
| CVE-2025-30866 | 2025-03-27 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Giannis Kipouros Terms & Conditions Per Product allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Terms & Conditions Per Product: from n/a through 1.2.15. | |||||
| CVE-2025-30830 | 2025-03-27 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Hossni Mubarak Cool Author Box allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cool Author Box: from n/a through 2.9.9. | |||||
| CVE-2025-30896 | 2025-03-27 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in weDevs WP ERP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP ERP: from n/a through 1.13.4. | |||||
| CVE-2025-30881 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ThemeHunk Big Store allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Big Store: from n/a through 2.0.8. | |||||
| CVE-2025-30864 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in falselight Exchange Rates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Exchange Rates: from n/a through 1.2.2. | |||||
| CVE-2025-30883 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in richplugins Trust.Reviews allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trust.Reviews: from n/a through 2.3. | |||||
| CVE-2025-30821 | 2025-03-27 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in otacke SNORDIAN's H5PxAPIkatchu allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects SNORDIAN's H5PxAPIkatchu: from n/a through 0.4.14. | |||||
| CVE-2025-22647 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in smackcoders AIO Performance Profiler, Monitor, Optimize, Compress & Debug allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO Performance Profiler, Monitor, Optimize, Compress & Debug: from n/a through 1.2. | |||||
| CVE-2025-30877 | 2025-03-27 | N/A | 2.7 LOW | ||
| Missing Authorization vulnerability in fatcatapps Quiz Cat allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Quiz Cat: from n/a through 3.0.8. | |||||
| CVE-2025-22667 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Creative Werk Designs Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets.This issue affects Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets: from n/a through 1.8.2. | |||||
| CVE-2025-30851 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Tickera Tickera allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tickera: from n/a through 3.5.5.2. | |||||
| CVE-2025-30874 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Jose Specific Content For Mobile allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specific Content For Mobile: from n/a through 0.5.3. | |||||
| CVE-2025-22671 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Leap13 Disable Elementor Editor Translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Disable Elementor Editor Translation: from n/a through 1.0.2. | |||||
| CVE-2025-22770 | 2025-03-27 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in EnvoThemes Envo Multipurpose allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Multipurpose: from n/a through 1.1.6. | |||||