CVE-2026-4266

creationtimestamp| type| source ---|---|--- 2026-03-27 13:39:45+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/watchguard-security-advisory-av26-289 2026-03-27 16:01:47+00:00| seen| https://bsky.app/profile/pigondrugs.bsky.social/post/3mi2ij54vyq2f 2026-03-30 15:22:38+00:00| seen|...

CVE-2018-4266

A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6...

EUVD-2025-4266

Malicious code in bioql PyPI...

CVE-2022-4266

The Bulk Delete Users by Email WordPress plugin through 1.2 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete non admin users by knowing their email via a CSRF attack...

CVE-2010-4266

It was found in vanilla forums before 2.0.10 a potential linkbait vulnerability in dispatcher...

CVE-2011-4266

Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a...

CVE-2005-4266

WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value...

CVE-2025-4266

creationtimestamp| type| source ---|---|--- 2025-05-05 06:18:41+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14839 2025-05-05 10:01:23+00:00| exploited| https://t.me/cvedetector/24440 2025-05-05 10:21:12+00:00| seen|...

CVE-2025-4266 PHPGurukul Notice Board System bwdates-reports-details.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. Affected by this issue is some unknown functionality of the file /bwdates-reports-details.php?vid=2. The manipulation of the argument fromdate/tomdate leads to sql injection. The attack may be...

CVE-2025-4266

CVE-2025-4266 concerns PHPGurukul Notice Board System 1.0. The vulnerability is a SQL injection in the file /bwdates-reports-details.php, triggered by manipulating the fromdate/tomdate parameters in the affected endpoint. Multiple connected sources (NVD/Red Hat/CNVD/etc.) confirm remote-executabl...

CVE-2025-4266 PHPGurukul Notice Board System bwdates-reports-details.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. Affected by this issue is some unknown functionality of the file /bwdates-reports-details.php?vid=2. The manipulation of the argument fromdate/tomdate leads to sql injection. The attack may be...

Linux Distros Unpatched Vulnerability : CVE-2014-4266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability. CVE-2014-426...

CVE-2024-4266 MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 3.8.8 - Unauthenticated Sensitive Information Exposure

The MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.8.8 via the 'handlefile' function. This can allow unauthenticated attackers to extract sensitive data, such as...

WordPress Metform Elementor Contact Form Builder Plugin <= 3.8.8 is vulnerable to Sensitive Data Exposure

Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.8.8 Fixed in 3.8.9 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-4266 Patch priority Low CVSS severity Low 5.3 Developer Wpmet PSID f8748d7d1a5f Credits Tim Coen...

CVE-2022-4266

creationtimestamp| type| source ---|---|--- 2022-12-26 16:40:40+00:00| seen| https://t.me/cibsecurity/55344 2025-04-14 13:54:50+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11608...

CVE-2022-4266

The Bulk Delete Users by Email WordPress plugin through 1.2 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete non admin users by knowing their email via a CSRF attack...

CVE-2022-4266

The CVE-2022-4266 entry concerns the WordPress plugin Bulk Delete Users by Email (versions ≤ 1.2). The root cause is a missing CSRF check when deleting users, enabling a CSRF attack to force a logged-in admin to delete non-admin users by knowing their email. Documented impact is unilateral user d...

CVE-2021-4266

creationtimestamp| type| source ---|---|--- 2022-12-21 22:13:09+00:00| seen| https://t.me/cibsecurity/55078 2025-04-14 17:54:27+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11665...

CVE-2021-4266 Webdetails cpf DependenciesPackage.java cross site scripting

A vulnerability classified as problematic has been found in Webdetails cpf up to 9.5.0.0-80. Affected is an unknown function of the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java. The manipulation of the argument baseUrl leads to cross site scripting. It is possible t...

CVE-2021-4266

The CVE-2021-4266 entry concerns Webdetails cpf (versions up to 9.5.0.0-80). The vulnerability targets an unknown function in core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java where manipulation of the baseUrl argument causes cross-site scripting. It can be triggered remotely...