Missing Authorization vulnerability in WPXPO WowOptin optin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowOptin: from n/a through <= 1.4.32.
Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 5.0.3.
Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through <= 1.2.13.
Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 3.2.3.
Missing Authorization vulnerability in WPXPO WowStore product-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowStore: from n/a through <= 4.2.4.
Missing Authorization vulnerability in WPXPO WowStore product-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowStore: from n/a through <= 2.7.8.
Missing Authorization vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO squirrly-seo.This issue affects SEO Plugin by Squirrly SEO: from n/a through <= 12.4.07.
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pm_invite_user function in all versions up to, and including, 5.9.8.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to add themselves or any registered user to any ProfileGrid group, including closed and paid groups, bypassing all authorization and payment gates.
In lunary-ai/lunary version 1.4.28, the /checklists/:id route allows low-privilege users to modify checklists by sending a PATCH request. The route lacks proper access control, such as middleware to ensure that only authorized users (e.g., project owners or admins) can modify checklist data. This vulnerability allows any user associated with the project, regardless of their role, to modify checklists, including changing the slug or data fields, which can lead to tampering with essential project workflows, altering business logic, and introducing errors that undermine integrity.
OpenClaw before 2026.4.20 contains a guard bypass vulnerability in the agent-facing gateway config.patch and config.apply endpoints that fails to protect operator-trusted settings including sandbox policy, plugin enablement, gateway auth/TLS, hook routing, MCP server configuration, SSRF policy, and filesystem hardening. A prompt-injected model with access to the owner-only gateway tool can persist unauthorized changes to protected operator settings.
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions execution due to a missing capability checks on multiple functions like treport_quiz_atttempt_delete and tutor_gc_class_action in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers, with the subscriber-level access and above, to preform an administrative actions on the site, like comments, posts or users deletion, viewing notifications, etc.
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to unauthorized membership payment bypass in all versions up to, and including, 4.16.11. This is due to a missing ownership verification on the `change_plan_sub_id` parameter in the `process_checkout()` function. This makes it possible for authenticated attackers, with subscriber level access and above, to reference another user's active subscription during checkout to manipulate proration calculations, allowing them to obtain paid lifetime membership plans without payment via the `ppress_process_checkout` AJAX action.
SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts (RoleReader) to modify notebook content via the /api/block/appendHeadingChildren API endpoint. The endpoint requires only the model.CheckAuth role, which accepts RoleReader sessions, but it does not enforce stricter checks, such as CheckAdminRole or CheckReadonly. This allows remote authenticated publish users with read-only privileges to append new blocks to existing documents, compromising the integrity of stored notes.
Actual is a local-first personal finance tool. Prior to version 26.2.1, in multi-user mode (OpenID), the sync API endpoints (`/sync/*`) don't verify that the authenticated user owns or has access to the file being operated on. Any authenticated user can read, modify, and overwrite any other user's budget files by providing their file ID. Version 26.2.1 patches the issue.
youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The importUsers function in SysUserController.java does not perform a permission check on the current user's identity, which may allow regular users to import user data into the database, resulting in an authorization bypass vulnerability.
Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2.