8778 matches found
CVE-2026-3099
A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count nc attribute. This vulnerability allows a remote attacker to capture a single valid...
CVE-2026-3099
A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count nc attribute. This vulnerability allows a remote attacker to capture a single valid...
UBUNTU-CVE-2026-3099
A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count nc attribute. This vulnerability allows a remote attacker to capture a single valid...
CVE-2026-3099
Affects Libsoup’s server-side Digest authentication in SoupAuthDomainDigest. The vulnerability arises from failure to properly track issued nonces and increment nonce-count (nc), enabling a remote attacker to capture a single valid authentication header and replay it to bypass authentication and ...
CVE-2026-3099
A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count nc attribute. This vulnerability allows a remote attacker to capture a single valid...
CVE-2026-3099
A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count nc attribute. This vulnerability allows a remote attacker to capture a single valid...
CVE-2026-3099 Libsoup: libsoup: authentication bypass via digest authentication replay attack
A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count nc attribute. This vulnerability allows a remote attacker to capture a single valid...
CVE-2026-3099 Libsoup: libsoup: authentication bypass via digest authentication replay attack
A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count nc attribute. This vulnerability allows a remote attacker to capture a single valid...
CVE-2026-3226
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized email notification triggering due to missing capability checks on all 10 functions in the SendEmailAjax class in all versions up to, and including, 4.3.2.8. The AbstractAjax::catchlpajax dispatcher verifies a...
Exploit for Improper Authentication in Controlid Idsecure
CVE-2023-6329 — Control iD iDSecure Authentication Bypass !P...
EUVD-2026-11123
The Modular DS: Monitor, update, and backup multiple websites plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.1. This is due to missing nonce validation on the postConfirmOauth function. This makes it possible for unauthenticated attacker...
CVE-2026-3903
The Modular DS: Monitor, update, and backup multiple websites plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.1. This is due to missing nonce validation on the postConfirmOauth function. This makes it possible for unauthenticated attacker...
CVE-2026-2917
The Happy Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.21.0 via the haduplicatething admin action handler. This is due to the canclone method only checking currentusercan'editposts' a general capability without...
CVE-2026-3903 Modular Connector <= 2.5.1 - Cross-Site Request Forgery via postConfirmOauth
The Modular DS: Monitor, update, and backup multiple websites plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.1. This is due to missing nonce validation on the postConfirmOauth function. This makes it possible for unauthenticated attacker...
CVE-2026-2917
The Happy Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.21.0 via the haduplicatething admin action handler. This is due to the canclone method only checking currentusercan'editposts' a general capability without...
CVE-2026-3903
The Modular DS: Monitor, update, and backup multiple websites plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.1. This is due to missing nonce validation on the postConfirmOauth function. This makes it possible for unauthenticated attacker...
CVE-2025-68402
FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. passwordverify is currently being called with a constructed string SHA-256 nonce + part of a bcrypt hash instead of the raw user password. Due to bcrypt’s 72-byte...
EUVD-2026-11034
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.7. This is due to missing or incorrect nonce validation on the reloadpreview function. This makes it possible for...
CVE-2026-2324
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.7. This is due to missing or incorrect nonce validation on the reloadpreview function. This makes it possible for...
CVE-2025-68402
FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. passwordverify is currently being called with a constructed string SHA-256 nonce + part of a bcrypt hash instead of the raw user password. Due to bcrypt’s 72-byte...