0.0
CVE-2025-66089 - WordPress Product Feed for WooCommerce plugin <= 2.3.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Feed for WooCommerce: from n/a through <= 2.3.1.
0.0
CVE-2025-66087 - WordPress PropertyHive plugin <= 2.1.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in Property Hive PropertyHive propertyhive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PropertyHive: from n/a through <= 2.1.12.
0.0
CVE-2025-66086 - WordPress SMS Alert Order Notifications plugin <= 3.8.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.8.
0.0
CVE-2025-66085 - WordPress Arconix Shortcodes plugin <= 2.1.18 - Broken Access Control vulnerability
Missing Authorization vulnerability in tychesoftwares Arconix Shortcodes arconix-shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Arconix Shortcodes: from n/a through <= 2.1.18.
0.0
CVE-2025-66084 - WordPress FluentCommunity plugin <= 2.0.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Shahjahan Jewel FluentCommunity fluent-community allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentCommunity: from n/a through <= 2.0.0.
0.0
CVE-2025-66083 - WordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 5.0.4.
0.0
CVE-2025-66082 - WordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 5.0.4.
0.0
CVE-2025-66081 - WordPress Head Meta Data plugin <= 20250327 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Head Meta Data head-meta-data allows Stored XSS.This issue affects Head Meta Data: from n/a through <= 20250327.
0.0
CVE-2025-66079 - WordPress Gutenverse Form plugin <= 2.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Jegstudio Gutenverse Form gutenverse-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse Form: from n/a through <= 2.2.0.
0.0
CVE-2025-66077 - WordPress Legal Pages plugin <= 1.4.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in wpWax Legal Pages legal-pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Legal Pages: from n/a through <= 1.4.6.