CWE-639 CVEs and Security Vulnerabilities

Filtered by CWE-639

Search

Switch to Advanced Search (Beta)

Total 1221 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-69029	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Select-Themes Struktur struktur allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Struktur: from n/a through <= 2.5.1.
CVE-2025-68997	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in AdvancedCoding wpDiscuz wpdiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through <= 7.6.40.
CVE-2025-68979	2 Simplecalendar, Wordpress	2 Google Calendar Events, Wordpress	2026-01-20	8.1 High
Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through <= 3.5.9.
CVE-2025-68975	1 Wordpress	1 Wordpress	2026-01-20	8.1 High
Authorization Bypass Through User-Controlled Key vulnerability in Eagle-Themes Eagle Booking eagle-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eagle Booking: from n/a through <= 1.3.4.3.
CVE-2025-68502	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Crocoblock JetPopup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetPopup: from n/a through 2.0.20.1.
CVE-2025-68071	2 G5theme, Wordpress	2 Essential Real Estate, Wordpress	2026-01-20	6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Real Estate: from n/a through <= 5.2.2.
CVE-2025-68044	2 Rustaurius, Wordpress	2 Five Star Restaurant Reservations, Wordpress	2026-01-20	8.6 High
Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through 2.7.8.
CVE-2025-67985	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Document Library Lite: from n/a through <= 1.1.7.
CVE-2025-67919	2 Wofficeio, Wordpress	2 Woffice Core, Wordpress	2026-01-20	8.1 High
Authorization Bypass Through User-Controlled Key vulnerability in WofficeIO Woffice Core woffice-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woffice Core: from n/a through <= 5.4.30.
CVE-2025-67909	2 Wordpress, Wpswings	2 Wordpress, Membership For Woocommerce	2026-01-20	8.1 High
Authorization Bypass Through User-Controlled Key vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Membership For WooCommerce: from n/a through <= 3.0.3.
CVE-2025-67594	3 Elementor, Thimpress, Wordpress	3 Elementor, Thim Elementor Kit, Wordpress	2026-01-20	4.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in ThimPress Thim Elementor Kit thim-elementor-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thim Elementor Kit: from n/a through <= 1.3.3.
CVE-2025-66132	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in FAPI Business s.r.o. FAPI Member fapi-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FAPI Member: from n/a through <= 2.2.26.
CVE-2025-64283	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Rometheme RTMKit rometheme-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RTMKit: from n/a through <= 1.6.7.
CVE-2025-64282	1 Wordpress	1 Wordpress	2026-01-20	4.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in RadiusTheme Radius Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Radius Blocks: from n/a through 2.2.1.
CVE-2025-63065	2 Davidlingren, Wordpress	2 Media Library Assistant, Wordpress	2026-01-20	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in David Lingren Media Library Assistant media-library-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Library Assistant: from n/a through <= 3.30.
CVE-2025-63053	2 Jeweltheme, Wordpress	2 Master Addons For Elementor, Wordpress	2026-01-20	5.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Jewel Theme Master Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Master Addons for Elementor: from n/a through 2.0.9.9.4.
CVE-2025-63043	2 Pickplugins, Wordpress	2 Post Grid, Wordpress	2026-01-20	5.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in PickPlugins Post Grid and Gutenberg Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid and Gutenberg Blocks: from n/a through 2.3.19.
CVE-2025-58627	1 Wordpress	1 Wordpress	2026-01-20	9.8 Critical
Authorization Bypass Through User-Controlled Key vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous Core Plugin: from n/a through < 2.0.9.
CVE-2025-49952	2 Favethemes, Wordpress	2 Houzez, Wordpress	2026-01-20	6.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in favethemes Houzez houzez allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Houzez: from n/a through <= 4.1.1.
CVE-2025-49352	3 Woocommerce, Wordpress, Yoohw Studio	3 Woocommerce, Wordpress, Order Cancellation & Returns For Woocommerce	2026-01-20	4.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in YoOhw Studio Order Cancellation & Returns for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Cancellation & Returns for WooCommerce: from n/a through 1.1.10.

« first previous Page 3 of 62. next last »