CVE-2026-32679

creationtimestamp| type| source ---|---|--- 2026-04-21 22:00:00+00:00| seen| https://jvn.jp/en/jp/JVN45563482 2026-04-23 00:38:05+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mk4ribp5xp2s 2026-04-24 15:21:22+00:00| seen| Telegram/Y5QzcKDCmo7jQNGBLdJ87dzQSi2eRz7Wqhm7Qv2MeY...

EUVD-2025-32679

Malicious code in oxrvxaslllcaj npm...

CVE-2025-32679

Cross-Site Request Forgery CSRF vulnerability in ZealousWeb User Registration Using Contact Form 7 user-registration-using-contact-form-7 allows Cross Site Request Forgery.This issue affects User Registration Using Contact Form 7: from n/a through = 2.4...

CVE-2025-32679

creationtimestamp| type| source ---|---|--- 2025-04-09 20:57:25+00:00| seen| https://t.me/cvedetector/22580...

CVE-2025-32679

Cross-Site Request Forgery CSRF vulnerability in ZealousWeb User Registration Using Contact Form 7 user-registration-using-contact-form-7 allows Cross Site Request Forgery.This issue affects User Registration Using Contact Form 7: from n/a through = 2.4...

CVE-2025-32679 WordPress User Registration Using Contact Form 7 plugin <= 2.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ZealousWeb User Registration Using Contact Form 7 user-registration-using-contact-form-7 allows Cross Site Request Forgery.This issue affects User Registration Using Contact Form 7: from n/a through = 2.4...

CVE-2025-32679 WordPress User Registration Using Contact Form 7 plugin <= 2.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ZealousWeb User Registration Using Contact Form 7 user-registration-using-contact-form-7 allows Cross Site Request Forgery.This issue affects User Registration Using Contact Form 7: from n/a through = 2.4...

CVE-2024-32679

Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.16...

CVE-2024-32679 WordPress Shared Files plugin <= 1.7.16 - Broken Access Control vulnerability

Missing Authorization vulnerability in Shared Files PRO Shared Files.This issue affects Shared Files: from n/a through 1.7.16...

CVE-2024-32679

CVE-2024-32679 is a Missing Authorization vulnerability in Shared Files – Advanced File Sharing & Download Manager for WordPress (Shared Files) affecting versions up to 1.7.16. The issue stems from broken access control in Shared Files PRO Shared Files, potentially enabling unauthorized access to...

CVE-2024-32679 WordPress Shared Files plugin <= 1.7.16 - Broken Access Control vulnerability

Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.16...

WordPress Shared Files Plugin <= 1.7.16 is vulnerable to Broken Access Control

Software Shared Files Type Plugin Vulnerable versions = 1.7.16 Fixed in 1.7.17 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32679 Patch priority Low CVSS severity Low 5.3 Developer Tammersoft PSID a4b252f2d162 Credits Dhabaleshwar Das Required privilege...

CVE-2023-32679

Craft CMS is vulnerable to Remote Code Execution due to lack of file extension validation in template resolution (name parameter handling in View.php). Exploitation requires admin privileges on an environment configured for development/staging/production (e.g., ALLOW_ADMIN_CHANGES=true). The issu...

CVE-2023-32679

creationtimestamp| type| source ---|---|--- 2023-05-19 02:51:52+00:00| published-proof-of-concept| https://github.com/craftcms/cms/security/advisories/GHSA-vqxf-r9ph-cc9c 2023-05-20 00:38:25+00:00| seen| https://t.me/cibsecurity/64473...

CVE-2021-32679

creationtimestamp| type| source ---|---|--- 2021-07-12 16:17:55+00:00| seen| https://t.me/cibsecurity/26058...

CVE-2021-32679

CVE-2021-32679 : In Nextcloud Server, filenames were not escaped by default in controllers using DownloadResponse prior to versions 19.0.13, 20.0.11, and 21.0.3. A user-supplied filename passed unsanitized could cause a downloaded file to have a benign extension while the content is executable, p...

CVE-2022-32679

...

CVE-2022-32679

This CVE entry is rejected/not used, as explicitly stated in the initial description.