Total
723 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-67953 | 2026-01-29 | N/A | 8.1 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in Booking Activities Team Booking Activities booking-activities allows Privilege Escalation.This issue affects Booking Activities: from n/a through <= 1.16.44.
|
|||||
| CVE-2025-67966 | 2026-01-29 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in e-plugins Lawyer Directory lawyer-directory allows Privilege Escalation.This issue affects Lawyer Directory: from n/a through <= 1.3.3.
|
|||||
| CVE-2025-68027 | 2026-01-28 | N/A | 7.3 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in Themefic Hydra Booking hydra-booking allows Privilege Escalation.This issue affects Hydra Booking: from n/a through <= 1.1.32.
|
|||||
| CVE-2025-68869 | 2026-01-28 | N/A | 9.8 CRITICAL | ||
|
Incorrect Privilege Assignment vulnerability in LazyCoders LLC LazyTasks lazytasks-project-task-management allows Privilege Escalation.This issue affects LazyTasks: from n/a through <= 1.4.01.
|
|||||
| CVE-2024-54383 | 1 Wpwebelite | 1 Woocommerce Pdf Vouchers | 2026-01-28 | N/A | 9.8 CRITICAL |
|
Incorrect Privilege Assignment vulnerability in wpweb WooCommerce PDF Vouchers allows Privilege Escalation.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.9.
|
|||||
| CVE-2025-69183 | 2026-01-27 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Privilege Escalation.This issue affects Hospital Doctor Directory: from n/a through <= 1.3.9.
|
|||||
| CVE-2025-69182 | 2026-01-27 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in e-plugins Institutions Directory institutions-directory allows Privilege Escalation.This issue affects Institutions Directory: from n/a through <= 1.3.4.
|
|||||
| CVE-2025-50007 | 2026-01-26 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through <= 1.2.9.4.
|
|||||
| CVE-2025-69293 | 2026-01-26 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation.This issue affects Final User: from n/a through <= 1.2.5.
|
|||||
| CVE-2025-69292 | 2026-01-26 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through <= 1.6.4.
|
|||||
| CVE-2026-23800 | 2026-01-26 | N/A | 10.0 CRITICAL | ||
|
Incorrect Privilege Assignment vulnerability in Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from 2.5.2 before 2.6.0.
|
|||||
| CVE-2026-22907 | 1 Sick | 2 Tdc-x401gl, Tdc-x401gl Firmware | 2026-01-23 | N/A | 9.9 CRITICAL |
|
An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data.
|
|||||
| CVE-2026-22908 | 1 Sick | 2 Tdc-x401gl, Tdc-x401gl Firmware | 2026-01-23 | N/A | 9.1 CRITICAL |
|
Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality.
|
|||||
| CVE-2026-22914 | 1 Sick | 2 Tdc-x401gl, Tdc-x401gl Firmware | 2026-01-23 | N/A | 4.3 MEDIUM |
|
An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation.
|
|||||
| CVE-2026-22916 | 1 Sick | 2 Tdc-x401gl, Tdc-x401gl Firmware | 2026-01-23 | N/A | 4.3 MEDIUM |
|
An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration.
|
|||||
| CVE-2025-67279 | 1 Tim-solutions | 1 Tim Flow | 2026-01-22 | N/A | 5.3 MEDIUM |
|
An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format
|
|||||
| CVE-2025-67278 | 1 Tim-solutions | 1 Tim Flow | 2026-01-22 | N/A | 6.5 MEDIUM |
|
An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via a crafted HTTP request
|
|||||
| CVE-2025-13888 | 2026-01-22 | N/A | 9.1 CRITICAL | ||
|
A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources (CRs) that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to create privileged workloads that run on master nodes, effectively giving them root access to the entire cluster.
|
|||||
| CVE-2024-31771 | 1 Totalav | 1 Totalav | 2026-01-21 | N/A | 7.8 HIGH |
|
Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted file
|
|||||
| CVE-2024-27460 | 1 Hp | 1 Poly Plantronics Hub | 2026-01-21 | N/A | 6.7 MEDIUM |
|
A privilege escalation exists in the updater for Plantronics Hub 3.25.1 and below.
|
|||||
| CVE-2018-25148 | 1 Microhardcorp | 22 Bullet-3g, Bullet-3g Firmware, Bullet-lte and 19 more | 2026-01-21 | N/A | 8.8 HIGH |
|
Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities in the admin interface that allow attackers to create crontab jobs and modify system startup scripts. Attackers can exploit hidden admin features to execute arbitrary commands with root privileges, including starting services, disabling firewalls, and writing files to the system.
|
|||||
| CVE-2025-6325 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Incorrect Privilege Assignment vulnerability in KingAddons.com King Addons for Elementor king-addons allows Privilege Escalation.This issue affects King Addons for Elementor: from n/a through <= 51.1.36.
|
|||||
| CVE-2025-64188 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Incorrect Privilege Assignment vulnerability in PenciDesign Soledad soledad allows Privilege Escalation.This issue affects Soledad: from n/a through <= 8.6.9.
|
|||||
| CVE-2025-62034 | 2026-01-20 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.
|
|||||
| CVE-2025-62007 | 2026-01-20 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in bPlugins Voice Feedback voice-feedback allows Privilege Escalation.This issue affects Voice Feedback: from n/a through <= 1.0.3.
|
|||||
| CVE-2025-60243 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46.
|
|||||
| CVE-2025-60222 | 2026-01-20 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Privilege Escalation.This issue affects SUMO Memberships for WooCommerce: from n/a through <= 7.6.0.
|
|||||
| CVE-2025-60220 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Incorrect Privilege Assignment vulnerability in pebas CouponXxL couponxxl allows Privilege Escalation.This issue affects CouponXxL: from n/a through <= 3.0.0.
|
|||||
| CVE-2025-60211 | 2026-01-20 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in extendons WooCommerce Registration Fields Plugin - Custom Signup Fields extendons-registration-fields allows Privilege Escalation.This issue affects WooCommerce Registration Fields Plugin - Custom Signup Fields: from n/a through <= 3.2.3.
|
|||||
| CVE-2025-60195 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Privilege Escalation.This issue affects Atarim: from n/a through <= 4.2.
|
|||||
| CVE-2025-59580 | 2026-01-20 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows Privilege Escalation.This issue affects Goodlayers Core: from n/a through < 2.1.7.
|
|||||
| CVE-2025-59134 | 2026-01-20 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through <= 1.5.8.
|
|||||
| CVE-2025-58710 | 2026-01-20 | N/A | 8.6 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through <= 1.4.0.
|
|||||
| CVE-2025-55707 | 2026-01-20 | N/A | 7.2 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through <= 4.1.35.
|
|||||
| CVE-2025-53428 | 2026-01-20 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through <= 6.4.
|
|||||
| CVE-2025-53425 | 2026-01-20 | N/A | 7.6 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in Dokan, Inc. Dokan dokan-lite allows Privilege Escalation.This issue affects Dokan: from n/a through <= 4.1.2.
|
|||||
| CVE-2025-49924 | 2026-01-20 | N/A | 7.3 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through <= 2.2.4.2.
|
|||||
| CVE-2025-49900 | 2026-01-20 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in bPlugins Advanced scrollbar advanced-scrollbar allows Privilege Escalation.This issue affects Advanced scrollbar: from n/a through <= 1.1.8.
|
|||||
| CVE-2025-49379 | 2026-01-20 | N/A | 7.2 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Privilege Escalation.This issue affects Custom Fields Account Registration For Woocommerce: from n/a through <= 1.2.
|
|||||
| CVE-2025-48082 | 2026-01-20 | N/A | 8.8 HIGH | ||
|
Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner allows Privilege Escalation.This issue affects Progress Planner: from n/a through <= 1.8.0.
|
|||||