4.7
CVE-2025-67586 - WordPress Highlight and Share plugin <= 5.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ronald Huereca Highlight and Share highlight-and-share allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Highlight and Share: from n/a through <= 5.2.0.
4.7
CVE-2025-67585 - WordPress Flexmlsยฎ IDX plugin <= 3.15.7 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in flexmls Flexmlsยฎ IDX flexmls-idx allows Phishing.This issue affects Flexmlsยฎ IDX: from n/a through <= 3.15.7.
5.3
CVE-2025-67584 - WordPress GoDAM plugin <= 1.4.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in rtCamp GoDAM godam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoDAM: from n/a through <= 1.4.6.
5.3
CVE-2025-67583 - WordPress IDonate plugin <= 2.1.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through <= 2.1.15.
5.3
CVE-2025-67582 - WordPress Wbcom Designs plugin <= 2.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in wbcomdesigns Wbcom Designs lock-my-bp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wbcom Designs: from n/a through <= 2.1.1.
5.3
CVE-2025-67581 - WordPress TrueBooker plugin <= 1.1.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.0.
5.3
CVE-2025-67580 - WordPress Constant Contact + WooCommerce plugin <= 2.4.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Constant Contact Constant Contact + WooCommerce constant-contact-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Constant Contact + WooCommerce: from n/a through <= 2.4.1.
5.3
CVE-2025-67579 - WordPress User Extra Fields plugin <= 16.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Extra Fields: from n/a through <= 16.8.
5.3
CVE-2025-67578 - WordPress WP Email Capture plugin <= 3.12.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Email Capture: from n/a through <= 3.12.4.
5.3
CVE-2025-67577 - WordPress Easy Form Builder plugin <= 3.8.20 - Broken Access Control vulnerability
Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form Builder: from n/a through <= 3.8.20.