4.3
CVE-2025-32235 - WordPress MP3 Audio Player β Music Player, Podcast Player & Radio by Sonaar plugin <= 5.9.4 - Brokeβ¦
Missing Authorization vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar mp3-music-player-by-sonaar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through <= 5.9.4.
4.3
CVE-2025-32234 - WordPress AdMail plugin <= 1.7.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in aleswebs AdMail β Multilingual Back in-Stock Notifier for WooCommerce admail allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AdMail β Multilingual Back in-Stock Notifier for WooCommerce: from n/a through <= 1.7.0.
4.3
CVE-2025-32233 - WordPress Revive.so plugin <= 2.0.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Chill Revive.so revive-so allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive.so: from n/a through <= 2.0.3.
4.3
CVE-2025-32232 - WordPress StaffList plugin <= 3.2.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in ERA404 StaffList stafflist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects StaffList: from n/a through <= 3.2.7.
4.3
CVE-2025-32231 - WordPress Bookingor plugin <= 2.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Bookingor Bookingor bookingor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bookingor: from n/a through <= 2.0.1.
4.3
CVE-2025-32229 - WordPress Variable Inspector plugin <= 2.6.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Bowo Variable Inspector variable-inspector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Variable Inspector: from n/a through <= 2.6.3.
4.3
CVE-2025-32226 - WordPress Display product variations dropdown on shop page plugin <= 1.1.3 - Broken Access Control β¦
Missing Authorization vulnerability in Anzar Ahmed Display product variations dropdown on shop page display-product-variations-dropdown-on-shop-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display product variations dropdown on shop page: from n/a β¦
5.3
CVE-2025-32225 - WordPress WP Event Manager plugin <= 3.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Event Manager WP Event Manager wp-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Event Manager: from n/a through <= 3.2.0.
5.4
CVE-2025-32220 - WordPress Salon booking system plugin <= 10.30.26 - Broken Access Control vulnerability
Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salon booking system: from n/a through <= 10.30.26.
5.4
CVE-2025-32219 - WordPress eaSYNC plugin <= 1.3.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in Syntactics, Inc. eaSYNC easync-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eaSYNC: from n/a through <= 1.3.19.