Lucene search
+L

3652 matches found

Nuclei
Nuclei
added 4 hours ago56 views

WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting

WordPress Accessibility Helper plugin before 0.6.0.7 contains a cross-site scripting vulnerability. It does not sanitize and escape the wahi parameter before outputting back its base64 decode value in the page. id: CVE-2022-0150 info: name: WordPress Accessibility Helper 0.6.0.7 - Cross-Site...

6.1CVSS5.8AI score0.01718EPSS
Exploits2References4
BDU FSTEC
BDU FSTEC
added 2026/07/08 12:0 a.m.9 views

The vulnerability of the Exim mail server, related to the lack of initialization of resources, allows attackers to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the Exim mail server is related to the lack of initialization of resources. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and accessibility of the protected information...

9.4CVSS6.1AI score0.00373EPSS
Exploits0References8Affected Software4
The Hacker News
The Hacker News
added 2026/07/07 5:10 p.m.22 views

RedWing MaaS Packages Android Bank Fraud as a Telegram Rental Service

A new Android malware operation called RedWing is being rented out on Telegram as a ready-made bank-fraud service. It lets even low-skill criminals take over a victim's phone, steal their banking logins, and capture the one-time codes that protect their accounts. Zimperium's zLabs, which found th...

6.1AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/07/03 2:0 p.m.7 views

Chromium: CVE-2026-13806 Insufficient validation of untrusted input in Accessibility

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.1CVSS5.9AI score0.00302EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-13806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer...

8.1CVSS6.1AI score0.00302EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:16 p.m.5 views

DEBIAN-CVE-2026-13806

Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.7AI score0.00302EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:16 p.m.6 views

CVE-2026-13806

Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

8.1CVSS0.00302EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.7 views

CVE-2026-13806

Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.7AI score0.00302EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:37 p.m.18 views

CVE-2026-13806

CVE-2026-13806 affects Google Chrome on desktop. The vulnerability arises from insufficient validation of untrusted input in Accessibility, allowing a renderer process compromise to bypass site isolation via a crafted HTML page. Affected versions are prior to 150.0.7871.47. The Chrome stable chan...

8.1CVSS5.7AI score0.00302EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.29 views

CVE-2026-13806

Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

0.00302EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54083

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the Accessibility component allows a remote attacker who has already compromised the renderer process to bypass site isolation. This is...

9.6CVSS5.9AI score0.00413EPSS
Exploits0References450
RedhatCVE
RedhatCVE
added 2026/06/19 9:29 a.m.11 views

CVE-2026-12009

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Accessibility. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517332006...

8.3CVSS5.8AI score0.00246EPSS
Exploits0References5
NVD
NVD
added 2026/06/18 6:16 a.m.15 views

CVE-2026-9199

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

4.3CVSS0.00245EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/18 4:31 a.m.11 views

EUVD-2026-37837

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

4.3CVSS5.3AI score0.00245EPSS
Exploits0References8
CVE
CVE
added 2026/06/18 4:31 a.m.24 views

CVE-2026-9199

The CVE-2026-9199 entry concerns the WordPress plugin Equalize Digital Accessibility Checker (WCAG/ADA/EAA/Section 508) up to version 1.42.1. The root cause is missing authorization verification, allowing authenticated users with author-level access and above to modify accessibility issue records...

4.3CVSS5.4AI score0.00245EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/18 4:31 a.m.7 views

CVE-2026-9199

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

4.3CVSS5.3AI score0.00245EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/18 4:31 a.m.27 views

CVE-2026-9199 Equalize Digital Accessibility Checker <= 1.42.1 - Missing Authorization to Authenticated (Author+) Arbitrary Accessibility Issue Modification via 'largeBatch' Parameter

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

4.3CVSS0.00245EPSS
Exploits0References8
Patchstack
Patchstack
added 2026/06/17 4:7 p.m.10 views

WordPress Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin <= 1.42.1 - Missing Authorization to Authenticated (Author+) Arbitrary Accessibility Issue Modification vulnerability

Missing Authorization to Authenticated Author+ Arbitrary Accessibility Issue Modification vulnerability discovered by g0wthr in WordPress Plugin Accessibility Checker by Equalize Digital versions = 1.42.1...

4.3CVSS5.3AI score0.00245EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/17 6:9 a.m.8 views

firefox: Sandbox escape due to use-after-free in the Disability Access APIs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...

9.6CVSS5.2AI score0.00532EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2026/06/15 2:0 p.m.14 views

Chromium: CVE-2026-12009 Insufficient validation of untrusted input  Accessibility

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.3CVSS5.2AI score0.00246EPSS
Exploits0
Rows per page
Query Builder