Total
6016 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64401 | 1 Apache | 1 Openoffice | 2025-11-13 | 7.5 High |
| Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "floating frames" linked to external files would load the contents of those frames without prompting the user for permission to do so. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the issue. The LibreOffice suite reported this issue as CVE-2023-2255 | ||||
| CVE-2025-64402 | 1 Apache | 1 Openoffice | 2025-11-13 | 6.5 Medium |
| Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "OLE objects" linked to external files would load the contents of those files without prompting the user for permission to do so. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the issue. | ||||
| CVE-2025-64403 | 1 Apache | 1 Openoffice | 2025-11-13 | 8.1 High |
| Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of "external data sources". A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links to be loaded without prompt. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the issue. | ||||
| CVE-2025-64358 | 3 Webtoffee, Woocommerce, Wordpress | 3 Smart Coupons For Woocommerce, Woocommerce, Wordpress | 2025-11-13 | 4.3 Medium |
| Missing Authorization vulnerability in WebToffee Smart Coupons for WooCommerce wt-smart-coupons-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Coupons for WooCommerce: from n/a through <= 2.2.3. | ||||
| CVE-2025-64356 | 2 F1logic, Wordpress | 2 Insert Php Code Snippet, Wordpress | 2025-11-13 | 4.3 Medium |
| Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Insert PHP Code Snippet: from n/a through <= 1.4.3. | ||||
| CVE-2025-64352 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Essential Addons For Elementor | 2025-11-13 | 2.7 Low |
| Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a through <= 6.2.4. | ||||
| CVE-2025-64350 | 2 Rank Math Seo, Wordpress | 2 Rank Math Seo, Wordpress | 2025-11-13 | 3.8 Low |
| Missing Authorization vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rank Math SEO: from n/a through <= 1.0.252.1. | ||||
| CVE-2025-64294 | 1 Wordpress | 1 Wordpress | 2025-11-13 | 5.3 Medium |
| Missing Authorization vulnerability in d3wp WP Snow Effect allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Snow Effect: from n/a through 1.1.15. | ||||
| CVE-2025-64285 | 3 Premmerce, Woocommerce, Wordpress | 4 Premmerce, Wholesale Pricing For Woocommerce, Woocommerce and 1 more | 2025-11-13 | 5.4 Medium |
| Missing Authorization vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Wholesale Pricing for WooCommerce: from n/a through <= 1.1.10. | ||||
| CVE-2025-64234 | 2 Evergreencontentposter, Wordpress | 2 Evergreen Content Poster, Wordpress | 2025-11-13 | 4.3 Medium |
| Missing Authorization vulnerability in Evergreen Content Poster Evergreen Content Poster evergreen-content-poster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Evergreen Content Poster: from n/a through <= 1.4.5. | ||||
| CVE-2025-64229 | 2 Boldgrid, Wordpress | 2 Client Invoicing By Sprout Invoices, Wordpress | 2025-11-13 | 4.3 Medium |
| Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.7. | ||||
| CVE-2025-64219 | 2 Strategy11, Wordpress | 2 Business Directory Plugin - Easy Listing Directories, Wordpress | 2025-11-13 | 4.3 Medium |
| Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through <= 6.4.18. | ||||
| CVE-2025-64212 | 2 Stylemixthemes, Wordpress | 2 Masterstudy Lms, Wordpress | 2025-11-13 | 5.4 Medium |
| Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro masterstudy-lms-learning-management-system-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MasterStudy LMS Pro: from n/a through < 4.7.16. | ||||
| CVE-2025-64211 | 2 Stylemixthemes, Wordpress | 2 Masterstudy Elementor Widgets, Wordpress | 2025-11-13 | 5.3 Medium |
| Missing Authorization vulnerability in StylemixThemes Masterstudy Elementor Widgets masterstudy-elementor-widgets allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Masterstudy Elementor Widgets: from n/a through <= 1.2.4. | ||||
| CVE-2025-64210 | 2 Stylemixthemes, Wordpress | 2 Masterstudy Elementor Widgets, Wordpress | 2025-11-13 | 5.4 Medium |
| Missing Authorization vulnerability in StylemixThemes Masterstudy Elementor Widgets masterstudy-elementor-widgets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Masterstudy Elementor Widgets: from n/a through <= 1.2.4. | ||||
| CVE-2025-62980 | 1 Wordpress | 1 Wordpress | 2025-11-13 | 8.8 High |
| Missing Authorization vulnerability in MDZ Persian Admnin Fonts persian-admin-fonts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Persian Admnin Fonts: from n/a through <= 4.1.03. | ||||
| CVE-2025-62978 | 1 Wordpress | 1 Wordpress | 2025-11-13 | 4.3 Medium |
| Missing Authorization vulnerability in Kiotviet KiotViet Sync kiotvietsync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KiotViet Sync: from n/a through <= 1.8.5. | ||||
| CVE-2025-62977 | 1 Wordpress | 1 Wordpress | 2025-11-13 | 5.3 Medium |
| Missing Authorization vulnerability in 沃之涛 百度站长SEO合集(支持百度/神马/Bing/头条推送) baiduseo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 百度站长SEO合集(支持百度/神马/Bing/头条推送): from n/a through <= 2.1.3. | ||||
| CVE-2025-62976 | 2 Joovii, Wordpress | 2 Sendle Shipping, Wordpress | 2025-11-13 | 5.3 Medium |
| Missing Authorization vulnerability in Joovii Sendle Shipping official-sendle-shipping-method allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Sendle Shipping: from n/a through <= 6.02. | ||||
| CVE-2025-62972 | 2 Webinarpress, Wordpress | 2 Webinarpress, Wordpress | 2025-11-13 | 4.3 Medium |
| Missing Authorization vulnerability in WPWebinarSystem WebinarPress wp-webinarsystem allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebinarPress: from n/a through <= 1.33.28. | ||||