Total
784 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-60243 | 3 Holest Engineering, Woocommerce, Wordpress | 3 Selling Commander For Woocommerce, Woocommerce, Wordpress | 2026-01-20 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46. | ||||
| CVE-2025-60222 | 3 Fantasticplugins, Woocommerce, Wordpress | 3 Sumo Memberships For Woocommerce, Woocommerce, Wordpress | 2026-01-20 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Privilege Escalation.This issue affects SUMO Memberships for WooCommerce: from n/a through <= 7.6.0. | ||||
| CVE-2025-60220 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in pebas CouponXxL couponxxl allows Privilege Escalation.This issue affects CouponXxL: from n/a through <= 3.0.0. | ||||
| CVE-2025-60211 | 3 Extendons, Woocommerce, Wordpress | 3 Woocommerce Registration Fields Plugin, Woocommerce, Wordpress | 2026-01-20 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in extendons WooCommerce Registration Fields Plugin - Custom Signup Fields extendons-registration-fields allows Privilege Escalation.This issue affects WooCommerce Registration Fields Plugin - Custom Signup Fields: from n/a through <= 3.2.3. | ||||
| CVE-2025-60195 | 2 Atarim, Wordpress | 2 Atarim, Wordpress | 2026-01-20 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Privilege Escalation.This issue affects Atarim: from n/a through <= 4.2. | ||||
| CVE-2025-59580 | 2 Goodlayers, Wordpress | 2 Goodlayers Core, Wordpress | 2026-01-20 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows Privilege Escalation.This issue affects Goodlayers Core: from n/a through < 2.1.7. | ||||
| CVE-2025-59134 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through <= 1.5.8. | ||||
| CVE-2025-55707 | 2 Wordpress, Wpxpo | 2 Wordpress, Postx | 2026-01-20 | 7.2 High |
| Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through <= 4.1.35. | ||||
| CVE-2025-53428 | 2 N-media, Wordpress | 2 Simple User Registration, Wordpress | 2026-01-20 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through <= 6.4. | ||||
| CVE-2025-53425 | 2 Dokan, Wordpress | 2 Dokan, Wordpress | 2026-01-20 | 7.6 High |
| Incorrect Privilege Assignment vulnerability in Dokan, Inc. Dokan dokan-lite allows Privilege Escalation.This issue affects Dokan: from n/a through <= 4.1.2. | ||||
| CVE-2025-49900 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in bPlugins Advanced scrollbar advanced-scrollbar allows Privilege Escalation.This issue affects Advanced scrollbar: from n/a through <= 1.1.8. | ||||
| CVE-2025-49379 | 3 Silverplugins217, Woocommerce, Wordpress | 3 Custom Fields Account Registration For Woocommerce, Woocommerce, Wordpress | 2026-01-20 | 7.2 High |
| Incorrect Privilege Assignment vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Privilege Escalation.This issue affects Custom Fields Account Registration For Woocommerce: from n/a through <= 1.2. | ||||
| CVE-2025-48082 | 2 Progress Planner, Wordpress | 2 Progress Planner, Wordpress | 2026-01-20 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner allows Privilege Escalation.This issue affects Progress Planner: from n/a through <= 1.8.0. | ||||
| CVE-2021-47799 | 1 Visual-tools | 2 Dvr Vx16, Dvr Vx16 Firmware | 2026-01-16 | 6.2 Medium |
| Visual Tools DVR VX16 version 4.2.28 contains a local privilege escalation vulnerability in its Sudo configuration that allows attackers to gain root access. Attackers can exploit the unsafe Sudo settings by using mount commands to bind a shell, enabling unauthorized system-level privileges. | ||||
| CVE-2026-23550 | 2 Modular, Wordpress | 2 Modular, Wordpress | 2026-01-15 | 10 Critical |
| Incorrect Privilege Assignment vulnerability in Modular DS allows Privilege Escalation.This issue affects Modular DS: from n/a through 2.5.1. | ||||
| CVE-2024-32444 | 2 Inspirythemes, Wordpress | 2 Realhomes, Wordpress | 2026-01-14 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege Escalation.This issue affects RealHomes: from n/a through 4.3.6. | ||||
| CVE-2022-50927 | 1 Vertiv | 1 Cyclades Serial Console Server | 2026-01-14 | 6.2 Medium |
| Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. Attackers can exploit the default user configuration to gain root access by manipulating system binaries and leveraging unrestricted sudo permissions. | ||||
| CVE-2025-49867 | 2 Inspirythemes, Wordpress | 2 Realhomes, Wordpress | 2026-01-14 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege Escalation. This issue affects RealHomes: from n/a through 4.4.0. | ||||
| CVE-2025-31643 | 2 Dasinfomedia, Wordpress | 2 Wpchurch Church Management System, Wordpress | 2026-01-12 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.This issue affects WPCHURCH: from n/a through 2.7.0. | ||||
| CVE-2025-10978 | 1 Jeecg | 2 Jeecg Boot, Jeecgboot | 2026-01-09 | 4.3 Medium |
| A security flaw has been discovered in JeecgBoot up to 3.8.2. The affected element is an unknown function of the file /sys/user/exportXls of the component Filter Handler. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | ||||