6.5
CVE-2025-68025 - WordPress Addonify Floating Cart For WooCommerce plugin <= 1.2.17 - Broken Access Control vulnerabiβ¦
Missing Authorization vulnerability in Addonify Addonify Floating Cart For WooCommerce addonify-floating-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify Floating Cart For WooCommerce: from n/a through <= 1.2.17.
6.5
CVE-2025-68024 - WordPress Addonify β WooCommerce Wishlist plugin <= 2.0.15 - Settings Change vulnerability
Missing Authorization vulnerability in Addonify Addonify β WooCommerce Wishlist addonify-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify β WooCommerce Wishlist: from n/a through <= 2.0.15.
6.5
CVE-2025-68023 - WordPress Addonify β Compare Products For WooCommerce plugin <= 1.1.17 - Settings Change vulnerabilβ¦
Missing Authorization vulnerability in Addonify Addonify – Compare Products For WooCommerce addonify-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify – Compare Products For WooCommerce: from n/a through <= 1.1.17.
7.3
CVE-2025-68022 - WordPress Plugin BlueX for WooCommerce plugin <= 3.1.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in soporteblue Plugin BlueX for WooCommerce bluex-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Plugin BlueX for WooCommerce: from n/a through <= 3.1.6.
6.5
CVE-2025-68021 - WordPress ConveyThis plugin <= 269.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through <= 269.9.
6.5
CVE-2025-68005 - WordPress Easy Hotel Booking plugin <= 1.9.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in themewant Easy Hotel Booking easy-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Hotel Booking: from n/a through <= 1.9.2.
6.5
CVE-2025-68002 - WordPress Open User Map plugin <= 1.4.16 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through <= 1.4.16.
6.5
CVE-2025-68000 - WordPress Testimonial Slider plugin <= 2.0.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from n/a through <= 2.0.15.
8.8
CVE-2025-67998 - WordPress Miraculous Elementor plugin <= 2.0.7 - Broken Authentication vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in kamleshyadav Miraculous Elementor miraculous-el allows Authentication Abuse.This issue affects Miraculous Elementor: from n/a through <= 2.0.7.
9.8
CVE-2025-67997 - WordPress Travelicious theme < 1.6.7 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in BoldThemes Travelicious travelicious allows Object Injection.This issue affects Travelicious: from n/a through < 1.6.7.