5.3
CVE-2025-15390 - PHPGurukul Small CRM edit-user.php authorization
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attackβ¦
0.0
CVE-2025-49334 - WordPress MyD Delivery plugin <= 1.7.1 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Eduardo VillΓ£o MyD Delivery myd-delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyD Delivery: from n/a through <= 1.7.1.
0.0
CVE-2025-59136 - WordPress Gerencianet Oficial plugin <= 3.1.3 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in EfΓ Bank Gerencianet Oficial woo-gerencianet-official allows Retrieve Embedded Sensitive Data.This issue affects Gerencianet Oficial: from n/a through <= 3.1.3.
0.0
CVE-2025-62129 - WordPress RestroPress plugin <= 3.2.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Magnigenie RestroPress restropress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RestroPress: from n/a through <= 3.2.7.
0.0
CVE-2025-62092 - WordPress Wiremo plugin <= 1.4.99 - Broken Access Control vulnerability
Missing Authorization vulnerability in Wiremo Wiremo woo-reviews-by-wiremo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wiremo: from n/a through <= 1.4.99.
0.0
CVE-2025-62755 - WordPress GS Portfolio for Envato plugin <= 1.4.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in GS Plugins GS Portfolio for Envato gs-envato-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Portfolio for Envato: from n/a through <= 1.4.2.
0.0
CVE-2025-63031 - WordPress EasyTest plugin <= 1.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Grids EasyTest convertpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EasyTest: from n/a through <= 1.0.1.
0.0
CVE-2025-62139 - WordPress Terms descriptions plugin <= 3.4.10 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Vladimir Statsenko Terms descriptions terms-descriptions allows Retrieve Embedded Sensitive Data.This issue affects Terms descriptions: from n/a through <= 3.4.10.
0.0
CVE-2025-62141 - WordPress Wawp plugin <= 4.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Information Technology Wawp automation-web-platform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wawp: from n/a through <= 4.4.
0.0
CVE-2025-63022 - WordPress Simple Like Page plugin <= 1.5.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in topdevs.net Simple Like Page simple-facebook-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Like Page: from n/a through <= 1.5.3.