4965766 matches found
CVE-2026-9734
The W3SC Elementor to Zoho CRM plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on the storeInfo function. This makes it possible for unauthenticated attackers to modify the plugin's...
CVE-2026-16075
A flaw has been found in AstrBotDevs AstrBot up to 4.25.5. This vulnerability affects the function OpenApiRoute.getchatsessions of the file astrbot/dashboard/routes/openapi.py of the component session-listing Endpoint. This manipulation of the argument Username causes authorization bypass. It is...
CVE-2026-9734 W3SC Elementor to Zoho CRM <= 2.2.0 - Cross-Site Request Forgery to Settings Update
The W3SC Elementor to Zoho CRM plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on the storeInfo function. This makes it possible for unauthenticated attackers to modify the plugin's...
CVE-2026-9734
The W3SC Elementor to Zoho CRM plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on the storeInfo function. This makes it possible for unauthenticated attackers to modify the plugin's...
CVE-2026-46687
creationtimestamp| type| source ---|---|--- 2026-07-18 04:20:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqvfyfplxq2s...
CVE-2026-38754
creationtimestamp| type| source ---|---|--- 2026-07-18 04:04:59+00:00| seen| https://bsky.app/profile/bootintel.bsky.social/post/3mqvf5h6ycs2x...
CVE-2026-16075
A flaw has been found in AstrBotDevs AstrBot up to 4.25.5. This vulnerability affects the function OpenApiRoute.getchatsessions of the file astrbot/dashboard/routes/openapi.py of the component session-listing Endpoint. This manipulation of the argument Username causes authorization bypass. It is...
CVE-2026-16075 AstrBotDevs AstrBot session-listing Endpoint open_api.py OpenApiRoute.get_chat_sessions authorization
A flaw has been found in AstrBotDevs AstrBot up to 4.25.5. This vulnerability affects the function OpenApiRoute.getchatsessions of the file astrbot/dashboard/routes/openapi.py of the component session-listing Endpoint. This manipulation of the argument Username causes authorization bypass. It is...
wp2shell
wp2shell Pre-authentication RCE exploit for WordPress Core RE...
Exploit for CVE-2026-60137
wp2shell-lab Educational PoC and lab for CVE-2026-63030 + C...
Exploit for CVE-2026-63030
wp2shell CVE-2026-63030 + CVE-2026-60137: Independent Root C...
share-poc-XRing-O1
CVE-2026-43499 GhostLock – XRing O1 Exploit Research Targ...
MINI-36C6-GRJ5-V42G
Bulletin has no description...
MINI-XMX6-6XXF-JMVM
Bulletin has no description...
MINI-6P7C-FRQ9-CR65
Bulletin has no description...
MINI-HV96-P6V8-W4QC
Bulletin has no description...
MINI-3JPJ-6QC2-26V6
Bulletin has no description...
MINI-CC7P-XC4R-G35C
Bulletin has no description...
MINI-PGF6-573G-47F5
Bulletin has no description...
MINI-CCV7-FQR8-M55H
Bulletin has no description...