0.0
CVE-2025-49985 - WordPress Auto Upload Images plugin <= 3.3.2 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery (SSRF) vulnerability in Ali Irani Auto Upload Images auto-upload-images allows Server Side Request Forgery.This issue affects Auto Upload Images: from n/a through <= 3.3.2.
0.0
CVE-2025-49986 - WordPress Video List Manager plugin <= 1.7 - Broken Access Control Vulnerability
Missing Authorization vulnerability in thanhtungtnt Video List Manager video-list-manager allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Video List Manager: from n/a through <= 1.7.
0.0
CVE-2025-49987 - WordPress CRM ERP Business Solution plugin <= 1.13 - Broken Access Control Vulnerability
Missing Authorization vulnerability in WPFactory CRM ERP Business Solution crm-erp-business-solution allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CRM ERP Business Solution: from n/a through <= 1.13.
0.0
CVE-2025-49988 - WordPress Contact Form 7 AWeber Extension plugin <= 0.1.40 - Broken Access Control vulnerability
Missing Authorization vulnerability in Renzo Johnson Contact Form 7 AWeber Extension integrate-contact-form-7-and-aweber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 AWeber Extension: from n/a through <= 0.1.40.
0.0
CVE-2025-49989 - WordPress App Builder plugin <= 5.5.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in App Cheap App Builder app-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App Builder: from n/a through <= 5.5.6.
0.0
CVE-2025-49990 - WordPress ContentStudio plugin <= 1.3.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contentstudio: from n/a through <= 1.3.7.
5.3
CVE-2025-49991 - WordPress WP-Recall plugin <= 16.26.14 - Broken Access Control Vulnerability
Missing Authorization vulnerability in tggfref WP-Recall allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-Recall: from n/a through 16.26.14.
0.0
CVE-2025-49993 - WordPress Cookie-Script.com plugin <= 1.2.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in csarturas Cookie-Script.com cookie-script-com allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cookie-Script.com: from n/a through <= 1.2.1.
0.0
CVE-2025-49995 - WordPress Download Attachments plugin <= 1.3.1 - Insecure Direct Object References (IDOR) vulnerabiβ¦
Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments download-attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Attachments: from n/a through <= 1.3.1.
0.0
CVE-2025-49996 - WordPress WP Visitor Statistics (Real Time Traffic) plugin <= 8.4 - Broken Access Control vulnerabiβ¦
Missing Authorization vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) wp-stats-manager allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through <= 8.4.