Total
514 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22736 | 2 Wordpress, Wpexperts | 2 Wordpress, User Management | 2025-07-13 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in WPExperts User Management allows Privilege Escalation.This issue affects User Management: from n/a through 1.2. | ||||
| CVE-2025-26512 | 1 Netapp | 1 Snapcenter | 2025-07-13 | 9.9 Critical |
| SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed. | ||||
| CVE-2025-2089 | 1 Starsea99 | 1 Starsea-mall | 2025-07-13 | 5.4 Medium |
| A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and classified as critical. Affected by this vulnerability is the function updateUserInfo of the file /personal/updateInfo of the component com.siro.mall.controller.mall.UserController. The manipulation of the argument userId leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-56280 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in Amento Tech Pvt ltd WPGuppy allows Privilege Escalation.This issue affects WPGuppy: from n/a through 1.1.0. | ||||
| CVE-2024-56205 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in AI Magic allows Privilege Escalation.This issue affects AI Magic: from n/a through 1.0.4. | ||||
| CVE-2024-32555 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in NotFound Easy Real Estate allows Privilege Escalation. This issue affects Easy Real Estate: from n/a through 2.2.6. | ||||
| CVE-2024-51800 | 2 Favethemes, Wordpress | 2 Homey, Wordpress | 2025-07-12 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in Favethemes Homey allows Privilege Escalation.This issue affects Homey: from n/a through 2.4.1. | ||||
| CVE-2025-31420 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.6 High |
| Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum allows Privilege Escalation.This issue affects wpForo Forum: from n/a through 2.4.2. | ||||
| CVE-2025-31524 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in NotFound WP User Profiles allows Privilege Escalation. This issue affects WP User Profiles: from n/a through 2.6.2. | ||||
| CVE-2024-56043 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in VibeThemes WPLMS allows Privilege Escalation.This issue affects WPLMS: from n/a through 1.9.9. | ||||
| CVE-2024-54383 | 2 Wordpress, Wpweb | 2 Wordpress, Woocommerce Pdf Vouchers | 2025-07-12 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in wpweb WooCommerce PDF Vouchers allows Privilege Escalation.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.9. | ||||
| CVE-2024-54365 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in Halim KH Easy User Settings allows Privilege Escalation.This issue affects KH Easy User Settings: from n/a through 1.0.0. | ||||
| CVE-2024-50702 | 1 Teampass | 1 Teampass | 2025-07-12 | 5.4 Medium |
| TeamPass before 3.1.3.1 does not properly check whether a mail_me (aka action_mail) operation is on behalf of an administrator or manager. | ||||
| CVE-2024-56000 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in SeventhQueen K Elements allows Privilege Escalation.This issue affects K Elements: from n/a before 5.4.0. | ||||
| CVE-2024-56071 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in Mike Leembruggen Simple Dashboard allows Privilege Escalation.This issue affects Simple Dashboard: from n/a through 2.0. | ||||
| CVE-2025-23528 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in Wouter Dijkstra DD Roles allows Privilege Escalation.This issue affects DD Roles: from n/a through 4.1. | ||||
| CVE-2024-54293 | 2 Ce21, Wordpress | 2 Ce21-suite, Wordpress | 2025-07-12 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite allows Privilege Escalation.This issue affects CE21 Suite: from n/a through 2.2.0. | ||||
| CVE-2024-56040 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in VibeThemes VibeBP allows Privilege Escalation.This issue affects VibeBP: from n/a through 1.9.9.4.1. | ||||
| CVE-2025-5390 | 1 Jeewms | 1 Jeewms | 2025-07-12 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This affects the function filedeal of the file /systemController/filedeal.do of the component File Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. | ||||
| CVE-2024-50701 | 1 Teampass | 1 Teampass | 2025-07-12 | 4.3 Medium |
| TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin. | ||||