5.3
CVE-2025-69031 - WordPress Arcane theme <= 3.6.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Skywarrior Arcane arcane allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Arcane: from n/a through <= 3.6.6.
5.4
CVE-2025-69030 - WordPress Backpack Traveler theme <= 2.10.3 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Backpack Traveler backpacktraveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backpack Traveler: from n/a through <= 2.10.3.
5.4
CVE-2025-69029 - WordPress Struktur theme <= 2.5.1 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Select-Themes Struktur struktur allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Struktur: from n/a through <= 2.5.1.
5.3
CVE-2025-69028 - WordPress weForms plugin <= 1.6.25 - Broken Access Control vulnerability
Missing Authorization vulnerability in BoldGrid weForms weforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weForms: from n/a through <= 1.6.25.
5.4
CVE-2025-69027 - WordPress Product Delivery Date for WooCommerce โ Lite plugin <= 3.2.0 - Broken Access Control vulnโฆ
Missing Authorization vulnerability in tychesoftwares Product Delivery Date for WooCommerce โ Lite product-delivery-date-for-woocommerce-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Delivery Date for WooCommerce โ Lite: from n/a through <= โฆ
4.3
CVE-2025-69026 - WordPress PopupKit plugin <= 2.2.4 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roxnor PopupKit popup-builder-block allows Retrieve Embedded Sensitive Data.This issue affects PopupKit: from n/a through <= 2.2.4.
4.3
CVE-2025-69025 - WordPress Poptics plugin <= 1.0.20 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Aethonic Poptics poptics allows Retrieve Embedded Sensitive Data.This issue affects Poptics: from n/a through <= 1.0.20.
6.5
CVE-2025-69024 - WordPress BizPrint plugin <= 4.6.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in bizswoop BizPrint print-google-cloud-print-gcp-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizPrint: from n/a through <= 4.6.7.
4.3
CVE-2025-69023 - WordPress Discussion Board plugin <= 2.5.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Marketing Fire Discussion Board wp-discussion-board allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Discussion Board: from n/a through <= 2.5.7.
5.4
CVE-2025-69022 - WordPress HR Management Lite plugin <= 3.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Weblizar - WordPress Themes & Plugin HR Management Lite hr-management-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HR Management Lite: from n/a through <= 3.6.