Total
6931 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-68503 | 2026-01-20 | N/A | 6.5 MEDIUM | ||
|
Missing Authorization vulnerability in Crocoblock JetBlog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through 2.4.7.
|
|||||
| CVE-2025-68498 | 2026-01-20 | N/A | 6.5 MEDIUM | ||
|
Missing Authorization vulnerability in Crocoblock JetTabs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetTabs: from n/a through 2.2.12.
|
|||||
| CVE-2025-68088 | 2026-01-20 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in merkulove Huger for Elementor huger-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Huger for Elementor: from n/a through <= 1.1.5.
|
|||||
| CVE-2025-68087 | 2026-01-20 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in merkulove Modalier for Elementor modalier-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modalier for Elementor: from n/a through <= 1.0.6.
|
|||||
| CVE-2025-68086 | 2026-01-20 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in merkulove Reformer for Elementor reformer-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reformer for Elementor: from n/a through <= 1.0.6.
|
|||||
| CVE-2025-68085 | 2026-01-20 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in merkulove Buttoner for Elementor buttoner-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Buttoner for Elementor: from n/a through <= 1.0.6.
|
|||||
| CVE-2025-68084 | 2026-01-20 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Auction : from n/a through <= 4.3.2.
|
|||||
| CVE-2025-68036 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Missing Authorization vulnerability in Emraan Cheema CubeWP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CubeWP: from n/a through 1.1.27.
|
|||||
| CVE-2025-67976 | 2026-01-20 | N/A | 6.5 MEDIUM | ||
|
Missing Authorization vulnerability in Bob Watu Quiz watu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watu Quiz: from n/a through <= 3.4.5.
|
|||||
| CVE-2025-67965 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in favethemes Homey Core homey-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Homey Core: from n/a through <= 2.4.3.
|
|||||
| CVE-2025-67929 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in templateinvaders TI WooCommerce Wishlist ti-woocommerce-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TI WooCommerce Wishlist: from n/a through <= 2.10.0.
|
|||||
| CVE-2025-67926 | 2026-01-20 | N/A | 8.8 HIGH | ||
|
Missing Authorization vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Support: from n/a through <= 1.10.4.
|
|||||
| CVE-2025-67917 | 2026-01-20 | N/A | 8.1 HIGH | ||
|
Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through <= 3.2.6.
|
|||||
| CVE-2025-67913 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through < 3.0.3.
|
|||||
| CVE-2025-67599 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in WebToffee WebToffee eCommerce Marketing Automation decorator-woocommerce-email-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebToffee eCommerce Marketing Automation: from n/a through <= 2.1.1.
|
|||||
| CVE-2025-67597 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in Shahjahan Jewel Fluent Booking fluent-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Booking: from n/a through <= 1.9.11.
|
|||||
| CVE-2025-67592 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in Joe Dolson My Calendar my-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Calendar: from n/a through <= 3.6.16.
|
|||||
| CVE-2025-67589 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips woocommerce-pdf-invoices-packing-slips allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoices & Packing Slips: from n/a through <= 4.9.1.
|
|||||
| CVE-2025-67588 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through <= 3.33.0.
|
|||||
| CVE-2025-67586 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in Ronald Huereca Highlight and Share highlight-and-share allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Highlight and Share: from n/a through <= 5.2.0.
|
|||||
| CVE-2025-67584 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in rtCamp GoDAM godam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoDAM: from n/a through <= 1.4.6.
|
|||||
| CVE-2025-67583 | 1 Themeatelier | 1 Idonate | 2026-01-20 | N/A | 5.3 MEDIUM |
|
Missing Authorization vulnerability in ThemeAtelier IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through <= 2.1.15.
|
|||||
| CVE-2025-67582 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in wbcomdesigns Wbcom Designs lock-my-bp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wbcom Designs: from n/a through <= 2.1.1.
|
|||||
| CVE-2025-67581 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.0.
|
|||||
| CVE-2025-67580 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in Constant Contact Constant Contact + WooCommerce constant-contact-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Constant Contact + WooCommerce: from n/a through <= 2.4.1.
|
|||||
| CVE-2025-67579 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Extra Fields: from n/a through <= 16.8.
|
|||||
| CVE-2025-67578 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Email Capture: from n/a through <= 3.12.4.
|
|||||
| CVE-2025-67577 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form Builder: from n/a through <= 3.8.20.
|
|||||
| CVE-2025-67576 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in QuantumCloud Simple Link Directory simple-link-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Link Directory: from n/a through <= 8.8.3.
|
|||||
| CVE-2025-67575 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in Andrew Lima Sitewide Notice WP sitewide-notice-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sitewide Notice WP: from n/a through <= 2.4.1.
|
|||||
| CVE-2025-67574 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in wpdevart Booking calendar, Appointment Booking System booking-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through <= 3.2.30.
|
|||||
| CVE-2025-67573 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in ThimPress Sailing sailing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sailing: from n/a through < 4.4.6.
|
|||||
| CVE-2025-67572 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through < 6.7.4.
|
|||||
| CVE-2025-67571 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in WPFunnels WPFunnels wpfunnels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPFunnels: from n/a through <= 3.6.2.
|
|||||
| CVE-2025-67570 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in GSheetConnector by WesternDeal WPForms Google Sheet Connector gsheetconnector-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPForms Google Sheet Connector: from n/a through <= 4.0.0.
|
|||||
| CVE-2025-67569 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in scriptsbundle AdForest adforest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AdForest: from n/a through <= 6.0.11.
|
|||||
| CVE-2025-67568 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in xtemos Basel basel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Basel: from n/a through <= 5.9.1.
|
|||||
| CVE-2025-67566 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in WofficeIO Woffice Core woffice-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woffice Core: from n/a through <= 5.4.30.
|
|||||
| CVE-2025-67563 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through <= 3.6.1.
|
|||||
| CVE-2025-67562 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in WebCodingPlace Image Caption Hover Pro image-caption-hover-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Caption Hover Pro: from n/a through < 20.0.
|
|||||