Total
7898 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68850 | 2 Codepeople, Wordpress | 2 Sell Downloads, Wordpress | 2026-04-29 | 7.5 High |
| Missing Authorization vulnerability in codepeople Sell Downloads sell-downloads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sell Downloads: from n/a through <= 1.1.12. | ||||
| CVE-2025-68016 | 3 Onepay Sri Lanka, Woocommerce, Wordpress | 3 Onepay Payment Gateway For Woocommerce, Woocommerce, Wordpress | 2026-04-29 | 6.5 Medium |
| Missing Authorization vulnerability in Onepay Sri Lanka onepay Payment Gateway For WooCommerce onepay-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onepay Payment Gateway For WooCommerce: from n/a through <= 1.1.2. | ||||
| CVE-2025-67956 | 2 Wordpress, Wpeverest | 2 Wordpress, User Registration | 2026-04-29 | 8.2 High |
| Missing Authorization vulnerability in wpeverest User Registration user-registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Registration: from n/a through <= 4.4.6. | ||||
| CVE-2025-67969 | 2 Knitpay, Wordpress | 2 Upi Qr Code Payment Gateway For Woocommerce, Wordpress | 2026-04-29 | 6.5 Medium |
| Missing Authorization vulnerability in knitpay UPI QR Code Payment Gateway for WooCommerce upi-qr-code-payment-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UPI QR Code Payment Gateway for WooCommerce: from n/a through <= 1.5.1. | ||||
| CVE-2025-46434 | 3 Elementor, Posimyth, Wordpress | 3 Elementor, The Plus Addons For Elementor, Wordpress | 2026-04-29 | 6.5 Medium |
| Missing Authorization vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro theplus_elementor_addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Pro: from n/a through < 6.3.7. | ||||
| CVE-2025-54743 | 2 Mkscripts, Wordpress | 2 Download After Email, Wordpress | 2026-04-29 | 5.8 Medium |
| Missing Authorization vulnerability in mkscripts Download After Email download-after-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download After Email: from n/a through 2.1.5-2.1.6. | ||||
| CVE-2025-39451 | 2026-04-29 | 7.5 High | ||
| Missing Authorization vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlocks For Elementor: from n/a through <= 1.3.16. | ||||
| CVE-2025-53348 | 2 Laborator, Wordpress | 2 Kalium, Wordpress | 2026-04-29 | 5.3 Medium |
| Missing Authorization vulnerability in Laborator Kalium kalium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalium: from n/a through <= 3.18.3. | ||||
| CVE-2025-48147 | 2026-04-29 | 6.5 Medium | ||
| Missing Authorization vulnerability in Crypto Cloud CryptoCloud - Crypto Payment Gateway cryptocloud-crypto-payment-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CryptoCloud - Crypto Payment Gateway: from n/a through <= 2.1.2. | ||||
| CVE-2025-39449 | 2026-04-29 | 7.5 High | ||
| Missing Authorization vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetWooBuilder: from n/a through <= 2.1.18. | ||||
| CVE-2025-39447 | 1 Crocoblock | 1 Jetelements For Elementor | 2026-04-29 | 7.5 High |
| Missing Authorization vulnerability in Crocoblock JetElements For Elementor jet-elements allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetElements For Elementor: from n/a through <= 2.7.4.1. | ||||
| CVE-2025-27008 | 2026-04-29 | 7.5 High | ||
| Missing Authorization vulnerability in NotFound Unlimited Timeline unlimited-timeline allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Unlimited Timeline: from n/a through < 1.6.1. | ||||
| CVE-2025-26958 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 7.5 High |
| Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through <= 2.4.3. | ||||
| CVE-2025-26953 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 7.5 High |
| Missing Authorization vulnerability in Crocoblock JetMenu jet-menu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetMenu: from n/a through <= 2.4.9. | ||||
| CVE-2025-26942 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 7.5 High |
| Missing Authorization vulnerability in Crocoblock JetTricks jet-tricks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetTricks: from n/a through <= 1.5.1. | ||||
| CVE-2025-24643 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 6.5 Medium |
| Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPGuppy: from n/a through <= 1.1.0. | ||||
| CVE-2025-24606 | 2026-04-29 | 6.4 Medium | ||
| Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.1. | ||||
| CVE-2025-24607 | 1 Northernbeacheswebsites | 1 Ideapush | 2026-04-29 | 5.8 Medium |
| Missing Authorization vulnerability in Northern Beaches Websites IdeaPush ideapush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through <= 8.71. | ||||
| CVE-2024-56067 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 7.5 High |
| Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through <= 2.3.3. | ||||
| CVE-2025-22698 | 2026-04-29 | 6.3 Medium | ||
| Missing Authorization vulnerability in Ability, Inc Accessibility Suite online-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Suite: from n/a through <= 4.18. | ||||