Total
7842 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-50010 | 2026-04-23 | 5.4 Medium | ||
| Missing Authorization vulnerability in Zapier Zapier for WordPress zapier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zapier for WordPress: from n/a through <= 1.5.2. | ||||
| CVE-2025-50009 | 2026-04-23 | 5.4 Medium | ||
| Missing Authorization vulnerability in Climax Themes Kata Plus kata-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kata Plus: from n/a through <= 1.5.3. | ||||
| CVE-2025-49998 | 2026-04-23 | 5.4 Medium | ||
| Missing Authorization vulnerability in Wetail WooCommerce Fortnox Integration woocommerce-fortnox-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Fortnox Integration: from n/a through <= 4.5.5. | ||||
| CVE-2025-49997 | 2026-04-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in Syed Balkhi Giveaways and Contests by RafflePress rafflepress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Giveaways and Contests by RafflePress: from n/a through <= 1.12.18. | ||||
| CVE-2025-49996 | 2026-04-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) wp-stats-manager allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through <= 8.4. | ||||
| CVE-2025-49993 | 2026-04-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in csarturas Cookie-Script.com cookie-script-com allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cookie-Script.com: from n/a through <= 1.2.1. | ||||
| CVE-2025-49990 | 2026-04-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contentstudio: from n/a through <= 1.3.7. | ||||
| CVE-2025-49989 | 2026-04-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in App Cheap App Builder app-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App Builder: from n/a through <= 5.5.6. | ||||
| CVE-2025-49988 | 2026-04-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in Renzo Johnson Contact Form 7 AWeber Extension integrate-contact-form-7-and-aweber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 AWeber Extension: from n/a through <= 0.1.40. | ||||
| CVE-2025-49987 | 2026-04-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in WPFactory CRM ERP Business Solution crm-erp-business-solution allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CRM ERP Business Solution: from n/a through <= 1.13. | ||||
| CVE-2025-49986 | 2026-04-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in thanhtungtnt Video List Manager video-list-manager allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Video List Manager: from n/a through <= 1.7. | ||||
| CVE-2025-49981 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in mahabub81 User Roles and Capabilities user-roles-and-capabilities allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Roles and Capabilities: from n/a through <= 1.2.6. | ||||
| CVE-2025-49980 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in WP Event Manager WP User Profile Avatar wp-user-profile-avatar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Profile Avatar: from n/a through <= 1.0.6. | ||||
| CVE-2025-49979 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in slui Media Hygiene media-hygiene allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Hygiene: from n/a through <= 4.0.1. | ||||
| CVE-2025-49976 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through <= 2.7.12. | ||||
| CVE-2025-49974 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in upstreamplugin UpStream: a Project Management Plugin for WordPress upstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpStream: a Project Management Plugin for WordPress: from n/a through <= 2.1.1. | ||||
| CVE-2025-49973 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in GrandPlugins Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes image-sizes-controller allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes: from n/a through <= 1.0.10. | ||||
| CVE-2025-49971 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eDS Responsive Menu: from n/a through <= 1.2. | ||||
| CVE-2025-49970 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in sparklewpthemes Hello FSE Blog hello-fse-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hello FSE Blog: from n/a through <= 1.0.6. | ||||
| CVE-2025-49969 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression zara-4 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zara 4 Image Compression: from n/a through <= 1.2.17.2. | ||||