Export limit exceeded: 10706 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 11759 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11759 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39545 | 1 Miniorange | 1 Wordpress Rest Api Authentication | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in miniOrange WordPress REST API Authentication wp-rest-api-authentication allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress REST API Authentication: from n/a through <= 3.6.3. | ||||
| CVE-2025-39541 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in Roland Murg WP Simple Booking Calendar wp-simple-booking-calendar.This issue affects WP Simple Booking Calendar: from n/a through <= 2.0.13. | ||||
| CVE-2025-39533 | 2026-04-23 | 8.8 High | ||
| Missing Authorization vulnerability in Starfish Reviews Starfish Review Generation & Marketing starfish-reviews allows Privilege Escalation.This issue affects Starfish Review Generation & Marketing: from n/a through <= 3.1.19. | ||||
| CVE-2025-39532 | 2026-04-23 | 7.5 High | ||
| Missing Authorization vulnerability in spicethemes Spice Blocks spice-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spice Blocks: from n/a through <= 2.0.7.7. | ||||
| CVE-2025-39531 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in slazzercom Slazzer Background Changer slazzer-background-changer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Slazzer Background Changer: from n/a through <= 3.14. | ||||
| CVE-2025-39522 | 2026-04-23 | 5.4 Medium | ||
| Missing Authorization vulnerability in Service2Client LLC Dynamic Post dynamic-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamic Post: from n/a through <= 5.03. | ||||
| CVE-2025-39513 | 2026-04-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in ActiveDEMAND Online Agency Marketing Automation ActiveDEMAND activedemand allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ActiveDEMAND: from n/a through <= 0.2.46. | ||||
| CVE-2025-39511 | 1 Valvepress | 1 Pinterest Automatic Pin | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pinterest Automatic Pin: from n/a through <= 4.19.0. | ||||
| CVE-2025-39493 | 1 Valvepress | 1 Rankie | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in ValvePress Rankie valvepress-rankie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rankie: from n/a through < 1.8.2. | ||||
| CVE-2025-39482 | 1 Imithemes | 1 Eventer | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a through < 3.11.4. | ||||
| CVE-2025-39460 | 1 Thimpress | 1 Eduma | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in ThimPress Eduma eduma allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eduma: from n/a through <= 5.6.4. | ||||
| CVE-2025-39457 | 2026-04-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking and Rental Manager: from n/a through <= 2.2.8. | ||||
| CVE-2025-39456 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in iTRON WP Logger wp-data-logger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Logger: from n/a through <= 2.2. | ||||
| CVE-2025-39454 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in Jeroen Peters Name Directory name-directory.This issue affects Name Directory: from n/a through <= 1.30.0. | ||||
| CVE-2025-39413 | 1 Wpgoplugins | 1 Simple Sitemap | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in David Gwyer Simple Sitemap – Create a Responsive HTML Sitemap simple-sitemap.This issue affects Simple Sitemap – Create a Responsive HTML Sitemap: from n/a through <= 3.6.0. | ||||
| CVE-2025-39412 | 1 Averta | 1 Master Slider | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in averta Master Slider master-slider.This issue affects Master Slider: from n/a through <= 3.11.0. | ||||
| CVE-2025-39398 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Themovation Bellevue bellevuex.This issue affects Bellevue: from n/a through <= 4.2.2. | ||||
| CVE-2025-39390 | 2026-04-23 | 5.3 Medium | ||
| Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booking and Rental Manager: from n/a through <= 2.3.6. | ||||
| CVE-2025-39385 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in vowelweb Sirat sirat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sirat: from n/a through <= 1.5.1. | ||||
| CVE-2025-39376 | 2026-04-23 | 4.3 Medium | ||
| Missing Authorization vulnerability in QuanticaLabs Car Park Booking System for WordPress car-park-booking-system-for-wordpress.This issue affects Car Park Booking System for WordPress: from n/a through <= 2.6. | ||||