WordPress Plugin MainWP Child - Authentication Bypass

The plugin is vulnerable to an authentication bypass that allows an unauthenticated user to login as an administrator without providing a password. This vulnerability is only exploitable when the plugin has not been connected to a MainWP Dashboard and the "Require unique security ID" option is no...

CVE-2026-10783

creationtimestamp| type| source ---|---|--- 2026-06-04 01:16:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mngh7z7r5x2p...

MiracleLinux 9 : kernel-5.14.0-570.33.2.el9_6 (AXSA:2025-10783:60)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10783:60 advisory. kernel: crypto: algifhash - fix double free in hashaccept CVE-2025-38079 kernel: wifi: ath12k: fix invalid access to memory CVE-2025-38292 Tenable...

CVE-2016-10783

cPanel before 60.0.25 allows self stored XSS in SSLlistkeys SEC-182...

EUVD-2020-18370

Malware in sbrugna...

CVE-2025-10783

creationtimestamp| type| source ---|---|--- 2025-09-22 08:35:43+00:00| seen| https://gist.github.com/Darkcrai86/aa620c435668827213b846c5bec33b41...

CVE-2025-10783

A weakness has been identified in Campcodes Online Learning Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addsubject.php. Executing manipulation of the argument subjectcode can lead to sql injection. The attack may be performed from remote. T...

CVE-2024-10783

The MainWP Child – Securely Connects to the MainWP Dashboard to Manage Multiple Sites plugin for WordPress is vulnerable to privilege escalation due to a missing authorization checks on the registersite function in all versions up to, and including, 5.2 when a site is left in an unconfigured stat...

CVE-2024-10783

creationtimestamp| type| source ---|---|--- 2024-12-13 09:30:14+00:00| seen| https://infosec.exchange/users/cve/statuses/113644811939302804 2024-12-13 12:25:40+00:00| seen| https://t.me/cvedetector/12854 2025-03-24 14:32:29+00:00| confirmed|...

CVE-2024-10783

CVE-2024-10783 – MainWP Child (WordPress) Root cause: missing authorization checks in register_site in all versions up to 5.2 when a site is unconfigured, enabling an unauthenticated user to login as an administrator on instances not yet connected to the MainWP Dashboard and without the unique se...

CVE-2024-10783 MainWP Child <= 5.3.3 - Missing Authorization to Unauthenticated Privilege Escalation

The MainWP Child – Securely Connects to the MainWP Dashboard to Manage Multiple Sites plugin for WordPress is vulnerable to privilege escalation due to a missing authorization checks on the registersite function in all versions up to, and including, 5.2 when a site is left in an unconfigured stat...

Design/Logic Flaw

A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest...

Important: Red Hat Security Advisory: CloudForms 5.0.10 security, bug fix and enhancement update

An update is now available for CloudForms Management Engine 5.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

Cloudforms: Incomplete fix for CVE-2020-10783

A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest...

CVE-2020-25716

A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest...

Critical: Red Hat Security Advisory: CloudForms 4.7.16 security, bug fix and enhancement update

An update is now available for CloudForms Management Engine 5.10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVE-2020-10783

creationtimestamp| type| source ---|---|--- 2020-08-11 16:55:09+00:00| seen| https://t.me/cibsecurity/14024 2021-06-08 03:18:34+00:00| published-proof-of-concept| Telegram/N-v1Hh00wQ-HXBE4zVMhrJUavdzcGWthCouMmjKrO0rSbs...

CVE-2020-10783

Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw. An attacker with EVM-Operator group can perform actions restricted only to EVM-Super-administrator group, leads to, exporting or importing administrator files...

CVE-2020-10783

CVE-2020-10783 affects Red Hat CloudForms Management Engine (CFME) 4.7/5.0.x; a role-based privilege escalation allowed an attacker with a specific group (EVM-Operator) to perform actions reserved for higher-privileged roles (EVM-Super-administrator), including exporting/importing administrator f...

CVE-2020-10783

A role-based privileges escalation flaw was found in Red Hat CloudForms where export or import of administrator files was possible. An attacker with EVM-Operator group can perform actions restricted only to system administrator. Refer CVE-2020-25716 for remaining RBAC group fixes. Mitigation Red...