
316 matches found

Nuclei
added 14 hours ago, 13 views

The Opal Estate Pro – Property Management <= 1.7.5 - Unauthenticated Privilege Escalation

The Opal Estate Pro plugin ≤ 1.7.5 is vulnerable to privilege escalation. Due to missing role restrictions in the onregisteruser function, users can register with any role. This allows unauthenticated attackers to create administrator accounts. id: CVE-2025-6934 info: name: The Opal Estate Pro –...

9.8 CVSS, 5.8 AI score, 0.26374 EPSS
Exploits: 12, References: 2
NVD
added 2026/05/25 9:16 p.m., 4 views

CVE-2026-24597

Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...

4.3 CVSS, 0.00016 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2026/05/25 9:05 p.m., 7 views

CVE-2026-24597 WordPress Organization chart plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...

4.3 CVSS, 5.8 AI score, 0.00016 EPSS
Exploits: 0, References: 1
Cvelist
added 2026/05/25 9:05 p.m., 14 views

CVE-2026-24597 WordPress Organization chart plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...

4.3 CVSS, 0.00016 EPSS
Exploits: 0, References: 1
CVE
added 2026/05/25 9:05 p.m., 17 views

CVE-2026-24597

The CVE concerns the WordPress Organization Chart plugin (WpDevArt) for WordPress, affected versions up to 1.7.5. The issue is a Cross-Site Request Forgery (CSRF) vulnerability in the Organization chart component, allowing unauthorized actions to be performed by an authenticated user in some cont...

4.3 CVSS, 5.8 AI score, 0.00016 EPSS
Exploits: 0, References: 1
EUVD
added 2026/05/25 9:05 p.m., 6 views

EUVD-2026-31742

Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...

4.3 CVSS, 5.8 AI score, 0.00016 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2026/05/25 9:05 p.m., 8 views

CVE-2026-24597

Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...

4.3 CVSS, 5.8 AI score, 0.00016 EPSS
Exploits: 0, References: 2
Patchstack
added 2026/05/25 9:04 p.m., 9 views

WordPress Organization chart plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery (CSRF) vulnerability discovered by daroo in WordPress Plugin Organization chart versions <= 1.7.5...

4.3 CVSS, 5.8 AI score, 0.00016 EPSS
Exploits: 0, Affected Software: 1
Positive Technologies
added 2026/05/25 12:00 a.m., 6 views

PT-2026-43129

Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...

4.3 CVSS, 5.8 AI score, 0.00016 EPSS
Exploits: 0, References: 1
CNNVD
added 2026/05/25 12:00 a.m., 4 views

WordPress plugin Organization chart Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers. WordPress...

4.3 CVSS, 5.8 AI score, 0.00016 EPSS
Exploits: 0, References: 1
EUVD
added 2026/05/14 9:07 p.m., 3 views

EUVD-2026-30491

The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. From 1.1.0 to 1.7.4, the TrailingSlashMiddleware in internal/api/server.go is vulnerable to an open redirect attack. An attacker can craft a URL with a protocol-relative path e.g., //evil.com/ tha...

5.8 AI score, 0.00017 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2026/05/14 9:07 p.m., 5 views

CVE-2026-44427 MCP Registry: Open Redirect

The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. From 1.1.0 to 1.7.4, the TrailingSlashMiddleware in internal/api/server.go is vulnerable to an open redirect attack. An attacker can craft a URL with a protocol-relative path e.g., //evil.com/ tha...

5.8 AI score, 0.00017 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2026/05/14 9:07 p.m., 4 views

CVE-2026-44427

The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. From 1.1.0 to 1.7.4, the TrailingSlashMiddleware in internal/api/server.go is vulnerable to an open redirect attack. An attacker can craft a URL with a protocol-relative path e.g., //evil.com/ tha...

5.8 AI score, 0.00017 EPSS
Exploits: 0, References: 2, Affected Software: 1
NVD
added 2026/05/04 3:16 p.m., 2 views

CVE-2026-6500

Plaintext storage of a password vulnerability in ILM Informatique OpenConcerto allows Retrieve Embedded Sensitive Data. This issue affects OpenConcerto: 1.7.5...

4.8 CVSS, 0.00015 EPSS
Exploits: 0, References: 1
Cvelist
added 2026/05/04 2:16 p.m., 29 views

CVE-2026-6500

Plaintext storage of a password vulnerability in ILM Informatique OpenConcerto allows Retrieve Embedded Sensitive Data. This issue affects OpenConcerto: 1.7.5...

4.8 CVSS, 0.00015 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2026/05/04 2:16 p.m., 1 views

CVE-2026-6500

Plaintext storage of a password vulnerability in ILM Informatique OpenConcerto allows Retrieve Embedded Sensitive Data. This issue affects OpenConcerto: 1.7.5...

4.8 CVSS, 5.8 AI score, 0.00015 EPSS
Exploits: 0, References: 1
EUVD
added 2026/05/04 2:16 p.m., 1 views

EUVD-2026-26971

Plaintext storage of a password vulnerability in ILM Informatique OpenConcerto allows Retrieve Embedded Sensitive Data. This issue affects OpenConcerto: 1.7.5...

4.8 CVSS, 5.8 AI score, 0.00015 EPSS
Exploits: 0, References: 1
CVE
added 2026/05/04 2:16 p.m., 4 views

CVE-2026-6500

CVE-2026-6500 concerns a plaintext password storage vulnerability in OpenConcerto 1.7.5 by ILM Informatique. The issue allows retrieval of embedded sensitive data due to unencrypted passwords stored in plaintext. The available connected records confirm affected product/version and the root cause ...

4.8 CVSS, 5.8 AI score, 0.00015 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2026/05/04 2:16 p.m., 5 views

CVE-2026-6500

Plaintext storage of a password vulnerability in ILM Informatique OpenConcerto allows Retrieve Embedded Sensitive Data. This issue affects OpenConcerto: 1.7.5...

4.8 CVSS, 5.8 AI score, 0.00015 EPSS
Exploits: 0, References: 2, Affected Software: 1
NVD
added 2026/05/04 2:16 p.m., 7 views

CVE-2026-6499

Incorrect Permission Assignment for Critical Resource vulnerability in ILM Informatique OpenConcerto allows Replace Binaries. This issue affects OpenConcerto: 1.7.5...

2.4 CVSS, 0.00015 EPSS
Exploits: 0, References: 1