Lucene search
K

162037 matches found

CVE
CVE
added 29 minutes ago5 views

CVE-2026-57750 WordPress ez Form Calculator Premium plugin <= 2.14.1.2 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in ez Form Calculator Premium = 2.14.1.2 versions...

5.3CVSS5.8AI score
Exploits0References1
CVE
CVE
added 29 minutes ago6 views

CVE-2026-57746 WordPress Booked plugin <= 3.0.0 - Broken Access Control vulnerability

Subscriber Broken Access Control in Booked = 3.0.0 versions...

7.1CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 29 minutes ago1 views

CVE-2026-57746 WordPress Booked plugin <= 3.0.0 - Broken Access Control vulnerability

Subscriber Broken Access Control in Booked = 3.0.0 versions...

7.1CVSS
Exploits0References1
Cvelist
Cvelist
added 29 minutes ago1 views

CVE-2026-57731 WordPress Flatsome theme <= 3.20.5 - Broken Access Control vulnerability

Contributor Broken Access Control in Flatsome = 3.20.5 versions...

6.5CVSS
Exploits0References1
CVE
CVE
added 29 minutes ago3 views

CVE-2026-57731 WordPress Flatsome theme <= 3.20.5 - Broken Access Control vulnerability

Contributor Broken Access Control in Flatsome = 3.20.5 versions...

6.5CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 29 minutes ago1 views

CVE-2026-57730 WordPress Flatsome theme <= 3.20.5 - Broken Access Control vulnerability

Subscriber Broken Access Control in Flatsome = 3.20.5 versions...

4.3CVSS
Exploits0References1
CVE
CVE
added 29 minutes ago3 views

CVE-2026-57730 WordPress Flatsome theme <= 3.20.5 - Broken Access Control vulnerability

Subscriber Broken Access Control in Flatsome = 3.20.5 versions...

4.3CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 29 minutes ago1 views

CVE-2026-57689 WordPress Werkstatt theme <= 4.7.2 - Broken Access Control vulnerability

Subscriber Broken Access Control in Werkstatt = 4.7.2 versions...

4.3CVSS
Exploits0References1
CVE
CVE
added 29 minutes ago10 views

CVE-2026-57689 WordPress Werkstatt theme <= 4.7.2 - Broken Access Control vulnerability

Subscriber Broken Access Control in Werkstatt = 4.7.2 versions...

4.3CVSS5.8AI score
Exploits0References1
CVE
CVE
added 29 minutes ago4 views

CVE-2026-57688 WordPress POS Entegratör plugin <= 3.7.103 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in POS Entegratör = 3.7.103 versions...

8.2CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 29 minutes ago1 views

CVE-2026-57685 WordPress Martfury - WooCommerce Marketplace WordPress theme theme <= 3.2.8 - Broken Access Control vulnerability

Subscriber Broken Access Control in Martfury - WooCommerce Marketplace WordPress Theme = 3.2.8 versions...

4.3CVSS
Exploits0References1
Nuclei
Nuclei
added 2 hours ago25 views

FatPipe WARP/IPVPN/MPVPN - Authorization Bypass

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 contain a missing authorization caused by lack of access control in the web management interface, letting remote attackers access sensitive URLs, exploit requires no authentication. id: CVE-2021-27858 info: name:...

5.3CVSS6.1AI score0.02703EPSS
Exploits1References4
Nuclei
Nuclei
added 2 hours ago37 views

Lin CMS Spring Boot - Default JWT Token

An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application. id: CVE-2022-32430 info: name: Lin CMS Spring Boot - Default JWT Token author: DhiyaneshDK severity: high description: | An access control issue in Lin CM...

7.5CVSS7.1AI score0.03634EPSS
Exploits1References3
Nuclei
Nuclei
added 2 hours ago27 views

WAVLINK WN535 G3 - Improper Access Control

WAVLINK WN535 G3 M35G3R.V5030.180927 is susceptible to improper access control. A vulnerability in /cgi-bin/ExportAllSettings.sh allows an attacker to execute arbitrary code via a crafted POST request and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized...

7.5CVSS7.4AI score0.02995EPSS
Exploits1References5
Nuclei
Nuclei
added 2 hours ago25 views

D-Link DIR-816L - Improper Access Control

D-Link DIR-816LFW206b01 is susceptible to improper access control. An attacker can access folders folderview.php and categoryview.php and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-28955 info: name: D-Link DIR-816L - Improper...

7.5CVSS6.8AI score0.38289EPSS
Exploits1References5
Nuclei
Nuclei
added 2 hours ago24 views

WAVLINK WN533A8 - Improper Access Control

WAVLINK WN533A8 M33A8.V5030.190716 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IPADDRESS/sysinit.shtml?r=52300 and searching for logincheckuser; and thereby possibly obtain sensitive information, modify data, and/or execute...

7.5CVSS7.2AI score0.16583EPSS
Exploits4References5
Nuclei
Nuclei
added 2 hours ago29 views

Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control

Dapr Dashboard 0.1.0 through 0.10.0 is susceptible to improper access control. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-38817 info: name: Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control author: For3stCo1d...

7.5CVSS7.2AI score0.02941EPSS
Exploits1References5
Nuclei
Nuclei
added 2 hours ago18 views

WAVLINK WN530HG4 - Improper Access Control

WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. It contains a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh. An attacker can possibly obtain sensitive information, modify data, and/or execute...

9.8CVSS7.4AI score0.02415EPSS
Exploits1References4
Nuclei
Nuclei
added 2 hours ago15 views

VMware vRealize Log Insight - Improper Access Control to RCE

The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution. id: CVE-2022-31704 info: name: VMware vRealize Log Insight - Improper Acces...

9.8CVSS7.8AI score0.81011EPSS
Exploits3References3
Nuclei
Nuclei
added 2 hours ago23 views

WP Cerber < 8.9.3 - Broken Access Control

WP Cerber 8.9.3 contains a bypass of /wp-json access control caused by improper handling of trailing '?' character, letting unauthorized users access protected REST API endpoints, exploit requires sending a request with a trailing '?'. id: CVE-2021-37598 info: name: WP Cerber 8.9.3 - Broken Acces...

5.3CVSS6AI score0.0235EPSS
Exploits1References2
Rows per page
Query Builder