Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,724
Quick preset (or use dates below)
Clear Filters
Showing 11,201 - 11,220 of 14,604 CVEs
CVE-2025-68514 MEDIUM - 6.5

Authorization Bypass Through User-Controlled Key vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Paid Member Subscriptions: from n/a through <= 2.16.8.

Vendor: Cozmoslabs
Product: Paid Member Subscriptions
Published: Feb 20, 2026
Source: NVD
CVE-2025-68050 MEDIUM - 6.5

Missing Authorization vulnerability in Leadpages Leadpages leadpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadpages: from n/a through <= 1.1.3.

Vendor: Leadpages
Product: Leadpages
Published: Feb 20, 2026
Source: NVD
CVE-2025-68042 MEDIUM - 6.5

Missing Authorization vulnerability in Travelpayouts Travelpayouts travelpayouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travelpayouts: from n/a through <= 1.2.1.

Vendor: Travelpayouts
Product: Travelpayouts
Published: Feb 20, 2026
Source: NVD
CVE-2025-68032 MEDIUM - 6.5

Missing Authorization vulnerability in Passionate Brains Advanced WC Analytics advance-wc-analytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced WC Analytics: from n/a through <= 3.19.0.

Vendor: Passionate Brains
Product: Advanced WC Analytics
Published: Feb 20, 2026
Source: NVD
CVE-2025-68028 MEDIUM - 6.5

Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GA4WP: Google Analytics for WordPress: from n/a through <= 2.10.0.

Vendor: Passionate Brains
Product: GA4WP: Google Analytics for WordPress
Published: Feb 20, 2026
Source: NVD
CVE-2025-68026 MEDIUM - 6.5

Missing Authorization vulnerability in Niaj Morshed LC Wizard ghl-wizard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LC Wizard: from n/a through <= 2.1.1.

Vendor: Niaj Morshed
Product: LC Wizard
Published: Feb 20, 2026
Source: NVD
CVE-2025-68025 MEDIUM - 6.5

Missing Authorization vulnerability in Addonify Addonify Floating Cart For WooCommerce addonify-floating-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify Floating Cart For WooCommerce: from n/a through <= 1.2.17.

Vendor: Addonify
Product: Addonify Floating Cart For WooCommerce
Published: Feb 20, 2026
Source: NVD
CVE-2025-68024 MEDIUM - 6.5

Missing Authorization vulnerability in Addonify Addonify โ€“ WooCommerce Wishlist addonify-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify โ€“ WooCommerce Wishlist: from n/a through <= 2.0.15.

Vendor: Addonify
Product: Addonify โ€“ WooCommerce Wishlist
Published: Feb 20, 2026
Source: NVD
CVE-2025-68023 MEDIUM - 6.5

Missing Authorization vulnerability in Addonify Addonify &#8211; Compare Products For WooCommerce addonify-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify &#8211; Compare Products For WooCommerce: from n/a through <= 1.1...

Vendor: Addonify
Product: Addonify &#8211; Compare Products For WooCommerce
Published: Feb 20, 2026
Source: NVD
CVE-2025-68022 MEDIUM - 6.3

Missing Authorization vulnerability in soporteblue Plugin BlueX for WooCommerce bluex-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Plugin BlueX for WooCommerce: from n/a through <= 3.1.6.

Vendor: soporteblue
Product: Plugin BlueX for WooCommerce
Published: Feb 20, 2026
Source: NVD
CVE-2025-68021 MEDIUM - 6.5

Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through <= 269.5.

Vendor: ConveyThis
Product: ConveyThis
Published: Feb 20, 2026
Source: NVD
CVE-2025-68005 MEDIUM - 6.5

Missing Authorization vulnerability in themewant Easy Hotel Booking easy-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Hotel Booking: from n/a through <= 1.8.7.

Vendor: themewant
Product: Easy Hotel Booking
Published: Feb 20, 2026
Source: NVD
CVE-2025-68002 MEDIUM - 6.5

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through <= 1.4.16.

Vendor: 100plugins
Product: Open User Map
Published: Feb 20, 2026
Source: NVD
CVE-2025-68000 MEDIUM - 6.5

Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from n/a through <= 2.0.15.

Vendor: PickPlugins
Product: Testimonial Slider
Published: Feb 20, 2026
Source: NVD
CVE-2025-67993 MEDIUM - 6.5

Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through <= 4.2.1.

Vendor: Vito Peleg
Product: Atarim
Published: Feb 20, 2026
Source: NVD
CVE-2025-67975 MEDIUM - 6.5

Missing Authorization vulnerability in aDirectory aDirectory adirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects aDirectory: from n/a through <= 3.0.3.

Vendor: aDirectory
Product: aDirectory
Published: Feb 20, 2026
Source: NVD
CVE-2025-67973 MEDIUM - 6.5

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.5.6.2.

Vendor: sunshinephotocart
Product: Sunshine Photo Cart
Published: Feb 20, 2026
Source: NVD
CVE-2025-67970 MEDIUM - 5.3

Missing Authorization vulnerability in vertim Schedula schedula-smart-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Schedula: from n/a through <= 1.0.

Vendor: vertim
Product: Schedula
Published: Feb 20, 2026
Source: NVD
CVE-2025-67969 MEDIUM - 6.5

Missing Authorization vulnerability in knitpay UPI QR Code Payment Gateway for WooCommerce upi-qr-code-payment-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UPI QR Code Payment Gateway for WooCommerce: from n/a through <= 1.5.1.

Vendor: knitpay
Product: UPI QR Code Payment Gateway for WooCommerce
Published: Feb 20, 2026
Source: NVD
CVE-2025-67624 MEDIUM - 6.5

Missing Authorization vulnerability in Arya Dhiratara Optimize More! &#8211; Images optimize-more-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Optimize More! &#8211; Images: from n/a through <= 1.1.3.

Vendor: Arya Dhiratara
Product: Optimize More! &#8211; Images
Published: Feb 20, 2026
Source: NVD