CVE-2026-48247

creationtimestamp| type| source ---|---|--- 2026-05-21 18:49:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmf3jagyq62q 2026-05-21 19:37:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmf675fama2h...

CVE-2025-48247

Missing Authorization vulnerability in Blair Williams Shortlinks by Pretty Links pretty-link allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortlinks by Pretty Links: from n/a through = 3.6.15...

WordPress Shortlinks by Pretty Links plugin <= 3.6.15 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by domiee13 in WordPress Plugin Shortlinks by Pretty Links versions = 3.6.15...

CVE-2025-48247

CVE-2025-48247 describes a Missing Authorization vulnerability in the WordPress plugin Pretty Links (Shortlinks by Pretty Links). Affected versions: up to 3.6.15. Root cause: broken access control enabling exploitation of incorrectly configured access levels. Impact: potential elevation of privil...

CVE-2025-48247 WordPress Shortlinks by Pretty Links plugin <= 3.6.15 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Blair Williams Shortlinks by Pretty Links pretty-link allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortlinks by Pretty Links: from n/a through = 3.6.15...

CVE-2023-48247

creationtimestamp| type| source ---|---|--- 2024-01-10 12:21:58+00:00| seen| https://t.me/ctinow/165741 2024-01-28 10:56:12+00:00| seen| https://t.me/ctinow/174893...

CVE-2023-48247

The vulnerability allows an unauthenticated remote attacker to read arbitrary files under the context of the application OS user “root” via a crafted HTTP request...

CVE-2023-48247

Summary: CVE-2023-48247 describes an unauthenticated remote exploit that allows reading arbitrary files under the application’s OS user (root) context via a crafted HTTP request. The vulnerability is documented across multiple feeds (NVD, Red Hat, CVE List) with a CVSSv3.1 base score of 7.5 (HIGH...

CVE-2022-48247

CVE-2022-48247 targets UNISOC audio service with a missing permission check, enabling local escalation of privilege. Root cause: insufficient permission validation in the audio service leading to unauthorized access. Affected: audio service on UNISOC chipsets; attack vector LOCAL, complexity LOW,...

Grandstream UCM62xx IP PBX sendPasswordEmail Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated SQL injection vulnerability and a command injection vulnerability affecting the Grandstream UCM62xx IP PBX series of devices. The vulnerabilities allow an unauthenticated remote attacker to execute commands as root. This module requires Metasploi...