NuytsTech Security

NuytsTech Security

CVE-2026-25028

Missing Authorization vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ElementInvader Addons for Elementor: from n/a through

CVE-2026-25027

Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in ThemeMove Unicamp unicamp allows PHP Local File Inclusion.This issue affects Unicamp: from n/a through

CVE-2026-25024

Cross-Site Request Forgery (CSRF) vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Cross Site Request Forgery.This issue affects ThirstyAffiliates: from n/a through

CVE-2026-25023

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with...

CVE-2026-25022

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Blind SQL Injection.This issue affects KiviCare: from n/a through

CVE-2026-25021

Missing Authorization vulnerability in Mizan Themes Mizan Demo Importer mizan-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mizan Demo Importer: from n/a through

CVE-2026-25020

Missing Authorization vulnerability in WP connect WP Sync for Notion wp-sync-for-notion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Sync for Notion: from n/a through

CVE-2026-25019

Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through

CVE-2026-25016

Missing Authorization vulnerability in Nelio Software Nelio Popups nelio-popups allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio Popups: from n/a through

CVE-2026-25015

Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through

CVE-2026-25014

Cross-Site Request Forgery (CSRF) vulnerability in themelooks Enter Addons enteraddons allows Cross Site Request Forgery.This issue affects Enter Addons: from n/a through

CVE-2026-25012

Missing Authorization vulnerability in gfazioli WP Bannerize Pro wp-bannerize-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bannerize Pro: from n/a through

CVE-2026-25011

Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through

CVE-2026-25010

Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share This Image: from n/a through