Search Results (36887 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-52817 1 Wordpress 1 Wordpress 2026-04-23 8.2 High
Missing Authorization vulnerability in ZealousWeb Abandoned Contact Form 7 abandoned-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Abandoned Contact Form 7: from n/a through <= 2.2.
CVE-2025-52804 1 Wordpress 1 Wordpress 2026-04-23 7.5 High
Missing Authorization vulnerability in uxper Nuss nuss allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Nuss: from n/a through <= 1.3.7.1.
CVE-2025-52802 2026-04-23 7.5 High
Missing Authorization vulnerability in enguerranws Import YouTube videos as WP Posts import-youtube-videos-as-wp-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Import YouTube videos as WP Posts: from n/a through <= 2.1.
CVE-2025-52801 1 Wordpress 1 Wordpress 2026-04-23 7.3 High
Missing Authorization vulnerability in VonStroheim TheBooking thebooking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects TheBooking: from n/a through <= 1.4.4.
CVE-2025-52800 1 Wordpress 1 Wordpress 2026-04-23 7.3 High
Missing Authorization vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP profitori allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects The E-Commerce ERP: from n/a through <= 2.1.1.3.
CVE-2025-52785 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Missing Authorization vulnerability in softnwords SMM API smm-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMM API: from n/a through <= 6.0.31.
CVE-2025-52775 2 Ronik Unlimitedwp, Wordpress 2 Project Cost Calculator, Wordpress 2026-04-23 7.1 High
Missing Authorization vulnerability in Ronik@UnlimitedWP Project Cost Calculator project-cost-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Project Cost Calculator: from n/a through <= 1.0.0.
CVE-2025-52757 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Missing Authorization vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SUMO Memberships for WooCommerce: from n/a through < 7.8.0.
CVE-2025-52731 2 Themefunction, Wordpress 2 Wordpress Event Manager Event Calendar And Booking Plugin, Wordpress 2026-04-23 7.5 High
Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a through <= 4.0.24.
CVE-2025-52722 1 Wordpress 1 Wordpress 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoinWebs Classiera classiera allows SQL Injection.This issue affects Classiera: from n/a through <= 4.0.34.
CVE-2025-52720 1 Wordpress 1 Wordpress 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder superstorefinder-wp allows SQL Injection.This issue affects Super Store Finder: from n/a through <= 7.5.
CVE-2025-52717 1 Lifterlms 1 Lifterlms 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in chrisbadgett LifterLMS lifterlms allows SQL Injection.This issue affects LifterLMS: from n/a through <= 8.0.6.
CVE-2025-52714 1 Wordpress 1 Wordpress 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler allows SQL Injection.This issue affects Traveler: from n/a through < 3.2.2.
CVE-2025-50039 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Missing Authorization vulnerability in vgwort VG WORT METIS vgw-metis allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VG WORT METIS: from n/a through <= 2.0.1.
CVE-2025-50031 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Missing Authorization vulnerability in syedamirhussain91 DB Backup db-backup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DB Backup: from n/a through <= 6.0.
CVE-2025-50029 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Missing Authorization vulnerability in Ashish AI Tools artificial-intelligence-auto-content-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Tools: from n/a through <= 4.0.7.
CVE-2025-50028 2026-04-23 6.5 Medium
Missing Authorization vulnerability in CodeSolz Ultimate Push Notifications ultimate-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Push Notifications: from n/a through <= 1.2.0.
CVE-2025-50010 2026-04-23 5.4 Medium
Missing Authorization vulnerability in Zapier Zapier for WordPress zapier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zapier for WordPress: from n/a through <= 1.5.2.
CVE-2025-50009 2026-04-23 5.4 Medium
Missing Authorization vulnerability in Climax Themes Kata Plus kata-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kata Plus: from n/a through <= 1.5.3.
CVE-2025-49998 2026-04-23 5.4 Medium
Missing Authorization vulnerability in Wetail WooCommerce Fortnox Integration woocommerce-fortnox-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Fortnox Integration: from n/a through <= 4.5.5.