CVE-2026-24636

Missing Authorization vulnerability in Syed Balkhi Sugar Calendar Lite sugar-calendar-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sugar Calendar Lite: from n/a through = 3.9.1...

CVE-2026-24636 WordPress Sugar Calendar (Lite) plugin <= 3.9.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Syed Balkhi Sugar Calendar Lite sugar-calendar-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sugar Calendar Lite: from n/a through = 3.9.1...

CVE-2021-24636

The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce CSRF checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link...

CVE-2025-24636

creationtimestamp| type| source ---|---|--- 2025-01-24 19:46:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113885054167166472...

CVE-2025-24636

Cross-Site Request Forgery CSRF vulnerability in Rick Laymance MachForm Shortcode machform-shortcode allows Stored XSS.This issue affects MachForm Shortcode: from n/a through = 1.4.1...

CVE-2025-24636 WordPress MachForm Shortcode plugin <= 1.4.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Rick Laymance MachForm Shortcode machform-shortcode allows Stored XSS.This issue affects MachForm Shortcode: from n/a through = 1.4.1...

Siemens SCALANCE W1750D Command Injection (CVE-2020-24636)

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aru...

CVE-2021-24636

creationtimestamp| type| source ---|---|--- 2021-09-20 14:27:06+00:00| seen| https://t.me/cibsecurity/29099...

CVE-2021-24636 Print My Blog < 3.4.2 - Plugin Deactivation via CSRF

The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce CSRF checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link...

CVE-2021-24636

The vulnerability CVE-2021-24636 affects the Print My Blog WordPress Plugin prior to version 3.4.2. The root cause is missing nonce (CSRF) checks, enabling a CSRF attack that can trick a logged-in administrator into deactivating the plugin and deleting all saved data for that plugin by opening a ...

Siemens SCALANCE W1750D (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE W1750D Vulnerabilities: Improper Authentication, Classic Buffer Overflow, Command Injection, Improper Input Validation, Race Condition, Cross-site Scripting, Basic XSS,...

CVE-2020-24636

CVE-2020-24636 is a remote command-execution vulnerability affecting Aruba Instant IAPs. The issue exists in Aruba Instant 6.5.x (6.5.4.17 and below), 8.3.x (8.3.0.13 and below), 8.5.x (8.5.0.10 and below), 8.6.x (8.6.0.5 and below), and 8.7.x (8.7.0.0 and below). Siemens/Red Hat and other connec...