CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2023-51355 Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiVendorX: fr... | 8.2 | HIGH | — | 0 |
| CVE-2023-51357 Missing Authorization vulnerability in Conversios Conversios.io enhanced-e-commerce-for-woocommerce-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Con... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-51360 Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential ... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-51362 Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-45045 Missing Authorization vulnerability in krozero WP Custom Widget area wp-custom-widget-area allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Widget a... | 5.4 | MEDIUM | — | 0 |
| CVE-2023-45061 Missing Authorization vulnerability in awsm.in WP Job Openings wp-job-openings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Openings: from n/a thro... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-45104 Missing Authorization vulnerability in WPDeveloper BetterLinks betterlinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through <= 1... | 7.3 | HIGH | — | 0 |
| CVE-2023-45110 Missing Authorization vulnerability in boldthemes Bold Timeline Lite bold-timeline-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Timeline Lite: f... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-45271 Missing Authorization vulnerability in WPXPO WowStore product-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowStore: from n/a through <= 2.7.8. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-45275 Missing Authorization vulnerability in WP Chill Kali Forms kali-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kali Forms: from n/a through <= 2.3.28. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-45636 Missing Authorization vulnerability in WebToffee WordPress Backup & Migration wp-migration-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPre... | 5.4 | MEDIUM | — | 0 |
| CVE-2023-45649 Missing Authorization vulnerability in codepeople Appointment Hour Booking appointment-hour-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointme... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-45760 Missing Authorization vulnerability in AdvancedCoding wpDiscuz wpdiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through <= 7.6.3. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-45765 Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through <= 1.12.6. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-45766 Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 4.7.1. | 5.3 | MEDIUM | — | 0 |
| CVE-2023-46082 Missing Authorization vulnerability in Cyberlord92 Broken Link Checker | Finder broken-link-finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Lin... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-46606 Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through <= 1.1.4. | 5.3 | MEDIUM | — | 0 |
| CVE-2023-46608 Missing Authorization vulnerability in WPDO DoLogin Security dologin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DoLogin Security: from n/a through <= 3.... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-47557 Missing Authorization vulnerability in wp-buy Visitors Traffic Real Time Statistics visitors-traffic-real-time-statistics allows Exploiting Incorrectly Configured Access Control Security Levels.This i... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-47692 Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through <= 1.... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-47693 Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue... | 7.5 | HIGH | — | 0 |
| CVE-2025-22527 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yamna Khawaja Mailing Group Listserv wp-mailing-group allows SQL Injection.This issue affects Mail... | 7.6 | HIGH | — | 0 |
| CVE-2025-23429 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in altima-interactive Altima Lookbook Free for WooCommerce altima-lookbook-free-for-woocommerce allow... | 7.1 | HIGH | — | 0 |
| CVE-2025-23434 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in viher3 Easy EU Cookie law easy-eu-cookie-law allows Stored XSS.This issue affects Easy EU Cookie l... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-24556 Insertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle moowoodle allows Retrieve Embedded Sensitive Data.This issue affects MooWoodle: from n/a through <= 3.2.4. | 7.5 | HIGH | — | 0 |
| CVE-2025-22698 Missing Authorization vulnerability in Ability, Inc Accessibility Suite online-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Su... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-26757 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FULL SERVICES FULL Customer full-customer allows PHP Local File Inclusion.This ... | 7.5 | HIGH | — | 0 |
| CVE-2025-28858 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arrow Plugins Arrow Maps ap-google-maps allows Reflected XSS.This issue affects Arrow Maps: from n... | 7.1 | HIGH | — | 0 |
| CVE-2025-31550 Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in thom4 WP-LESS wp-less allows Retrieve Embedded Sensitive Data.This issue affects WP-LESS: from n/a thro... | 5.8 | MEDIUM | — | 0 |
| CVE-2025-32491 Incorrect Privilege Assignment vulnerability in Rankology Rankology SEO – On-site SEO rankology-seo-all-in-one-seo-analytics allows Privilege Escalation.This issue affects Rankology SEO – On-site SEO:... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-26953 Missing Authorization vulnerability in Crocoblock JetMenu jet-menu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetMenu: from n/a through <= 2.4.9. | 7.5 | HIGH | — | 0 |
| CVE-2025-30562 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdistillery Navigation Tree Elementor navigation-tree-elementor allows Blind SQL Injection.This i... | 8.5 | HIGH | — | 0 |
| CVE-2025-53196 Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetEngine jet-engine allows Retrieve Embedded Sensitive Data.This issue affects JetEngine: from n/a through <= 3.7.0. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-53998 Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Retrieve Embedded Sensitive Data.This issue affects JetWooBuilder: from n/a through <... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-54008 Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows Retrieve Embedded Sensitive Data.This issue affects JetSmartFilters: from n/a thr... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-67969 Missing Authorization vulnerability in knitpay UPI QR Code Payment Gateway for WooCommerce upi-qr-code-payment-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.T... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-68514 Authorization Bypass Through User-Controlled Key vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-27541 Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through <= 2.2.6. | 7.2 | HIGH | — | 0 |
| CVE-2026-31916 Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Sh... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-32331 Missing Authorization vulnerability in Israpil Textmetrics webtexttool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Textmetrics: from n/a through <= 3.6.4... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-32346 Missing Authorization vulnerability in raratheme Travel Agency travel-agency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Agency: from n/a through ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-32347 Missing Authorization vulnerability in raratheme Restaurant and Cafe restaurant-and-cafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restaurant and Cafe:... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-32383 Missing Authorization vulnerability in raratheme Ridhi ridhi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ridhi: from n/a through <= 1.1.2. | 5.3 | MEDIUM | — | 0 |
| CVE-2026-32386 Missing Authorization vulnerability in EnvoThemes Envo Extra envo-extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Extra: from n/a through <= 1.9.1... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-32391 Missing Authorization vulnerability in linethemes SmartFix smartfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SmartFix: from n/a through < 1.2.4. | 5.4 | MEDIUM | — | 0 |
| CVE-2024-30661 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine t... | N/A | NONE | — | 0 |
| CVE-2026-32394 Missing Authorization vulnerability in PublishPress PublishPress Capabilities capability-manager-enhanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pub... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-32395 Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issu... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-32396 Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.13. | 5.3 | MEDIUM | — | 0 |
| CVE-2026-32397 Missing Authorization vulnerability in YMC Filter & Grids ymc-smart-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter & Grids: from n/a through <... | 5.3 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.