Lucene search

31 matches found

Vulnrichment
added 2026/05/19 9:09 p.m., 3 views

CVE-2026-34241 CtrlPanel: Stored XSS in Ticket Reply Notifications Allows Session Hijacking

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability in the ticket reply notification system. Unsanitized reply content ($newmessage) is stored directly in database notification payloads and later rendered...

CVSS 8.7, AI score 6, EPSS 0.00037
Exploits: 0, References: 2
RedhatCVE
added 2026/05/09 2:21 a.m., 3 views

CVE-2026-41903

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user holding the PERM_EDIT_USERS permission, intended for general user-profile editing, can read and modify the notification subscriptions of any other user, including admins, by sending a...

CVSS 5.4, AI score 5.8, EPSS 0.00013
Exploits: 0, References: 1
Positive Technologies
added 2026/05/07 12:00 a.m., 4 views

PT-2026-38548

Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.217
Description: A user with the PERM_EDIT_USERS permission can read and modify the notification subscriptions of any other user, including administrators, by sending a single POST request. This allows a non-admi...

CVSS 5.4, AI score 5.8, EPSS 0.00013
Exploits: 0, References: 6
NVD
added 2026/05/06 8:16 a.m., 3 views

CVE-2026-6344

The Fluent Forms plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 6.2.1. This is due to insufficient path validation in the getAttachments method of EmailNotificationActions, which resolves attacker-supplied file-upload URLs into filesystem paths without...

CVSS 4.9, EPSS 0.00414
Exploits: 0, References: 10
ATTACKERKB
added 2026/05/06 6:47 a.m., 2 views

CVE-2026-6344

The Fluent Forms plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 6.2.1. This is due to insufficient path validation in the getAttachments method of EmailNotificationActions, which resolves attacker-supplied file-upload URLs into filesystem paths without...

CVSS 4.9, AI score 5.9, EPSS 0.00414
Exploits: 0, References: 11
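The mechanism described for CVE-2026-6344 above, an attachment routine that turns a user-supplied upload URL back into a filesystem path, as an added example that is not Fluent Forms' own code: the unsafe resolution beside a hardened version. The site URL, the uploads directory and the function names are assumptions chosen for the example, and the plugin's actual fix may differ.

```typescript
// Added example (not Fluent Forms code). Maps an upload URL back to a path on
// disk, first the way the advisory describes (no path validation), then with
// the checks that close the arbitrary-file-read hole.
import * as path from "node:path";

// Assumed site layout for the example.
const UPLOADS_URL = "https://example.test/wp-content/uploads/";
const UPLOADS_DIR = "/var/www/html/wp-content/uploads";

// Unsafe: strip the URL prefix and join what is left onto the uploads
// directory. "../" segments (raw or percent-encoded) survive, so the caller
// can name any file the web server user can read.
export function resolveAttachmentUnsafe(url: string): string {
  const relative = url.startsWith(UPLOADS_URL) ? url.slice(UPLOADS_URL.length) : url;
  return path.posix.join(UPLOADS_DIR, decodeURIComponent(relative));
}

// Hardened: parse the URL, require the expected origin and path prefix,
// decode, normalize, and refuse anything that does not stay inside
// UPLOADS_DIR. Returns null on any failed check instead of a path.
export function resolveAttachmentSafe(url: string): string | null {
  let parsed: URL;
  try {
    parsed = new URL(url);
  } catch {
    return null; // not an absolute URL
  }
  const base = new URL(UPLOADS_URL);
  if (parsed.origin !== base.origin) return null; // foreign host
  if (!parsed.pathname.startsWith(base.pathname)) return null;

  let decoded: string;
  try {
    decoded = decodeURIComponent(parsed.pathname.slice(base.pathname.length));
  } catch {
    return null; // malformed percent-encoding
  }
  if (decoded.includes("\0")) return null; // NUL-byte truncation tricks

  // resolve() collapses "." and ".." segments; the containment test must run
  // on the collapsed path, never on the raw string. The trailing slash on the
  // root stops "/uploads2/..." from passing a plain prefix check.
  const candidate = path.posix.resolve(UPLOADS_DIR, decoded);
  const root = UPLOADS_DIR.endsWith("/") ? UPLOADS_DIR : UPLOADS_DIR + "/";
  if (!candidate.startsWith(root)) return null;
  return candidate;
}

// Stand-alone demonstration with constructed inputs.
const probe = "https://example.test/wp-content/uploads/%2e%2e%2f%2e%2e%2fwp-config.php";
console.log("unsafe:", resolveAttachmentUnsafe(probe));
console.log("safe:  ", resolveAttachmentSafe(probe));
```

Two details matter in practice. The WHATWG URL parser already collapses dot segments, including percent-encoded ones such as `%2e%2e`, so a literal `../` in the URL never reaches the prefix check; what does survive is a segment like `%2e%2e%2f...` whose slash is itself encoded, which only becomes traversal after `decodeURIComponent`. That is why the containment check runs on the decoded and normalized path rather than on the URL string. On a real server the resolved path should additionally be opened with the file-serving code's own realpath/symlink handling, which this path-only example does not cover.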
GithubExploit
added 2026/04/02 4:07 p.m., 93 views

Exploit for CVE-2026-28767

CERT/CC VU#653116 | CISA Advisory ICSA-26-055-03 https:/...

AI score 5.9, EPSS 0.00086
Exploits: 1
RedhatCVE
added 2026/03/26 3:16 p.m., 2 views

CVE-2026-1867

The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a URL parameter to regenerate a .json file based on demo data that it initially creates. If an administrator modifies the demo form and enables admin notifications in the Guest posting / Frontend...

CVSS 5.9, AI score 5.8, EPSS 0.00065
Exploits: 0, References: 1
OSV
added 2026/03/11 8:09 p.m., 0 views

CVE-2026-32104 StudioCMS: IDOR in User Notification Preferences Allows Any Authenticated User to Modify Any User's Settings

StudioCMS is a server-side-rendered, Astro-native, headless content management system. Prior to 0.4.3, the updateUserNotifications endpoint accepts a user ID from the request payload and uses it to update that user's notification preferences. It checks that the caller is logged in but never...

CVSS 5.4, AI score 5.8, EPSS 0.00019
Exploits: 1, References: 3
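The two authorization failures above share a shape: StudioCMS (CVE-2026-32104) trusts a user ID taken from the request body and only checks that the caller is logged in, while FreeScout (CVE-2026-41903) lets a coarse "edit users" permission reach other users' notification subscriptions, administrators included. The following is an added example, not code from either project: a minimal notification-preferences endpoint written first with the IDOR and then with an ownership and role check. Roles, the permission name EDIT_USERS, the preference fields and the numeric status codes are assumptions made for the example; FreeScout's and StudioCMS's real fixes are not reproduced here.

```typescript
// Added example (not StudioCMS or FreeScout code). Models an endpoint that
// updates a user's notification preferences, once with the IDOR described
// above and once with an authorization check that looks at who the target is.

type Role = "admin" | "user";
interface User { id: string; role: Role; permissions: Set<string>; }
interface Prefs { emailOnReply: boolean; emailDigest: boolean; }

// Constructed in-memory stores standing in for the database.
const users = new Map<string, User>();
const prefs = new Map<string, Prefs>();

export const MUTED: Prefs = { emailOnReply: false, emailDigest: false };

export function seed(): void {
  users.clear();
  prefs.clear();
  const add = (id: string, role: Role, perms: string[] = []) => {
    users.set(id, { id, role, permissions: new Set(perms) });
    prefs.set(id, { emailOnReply: true, emailDigest: true });
  };
  add("alice", "admin");
  add("bob", "user", ["EDIT_USERS"]); // hypothetical profile-editor permission
  add("carol", "user");
}

export function getPrefs(id: string): Prefs | undefined {
  return prefs.get(id);
}

// Vulnerable: authenticated? yes. Authorized to change *that* user's
// settings? never asked. Any logged-in user can silence an admin's alerts.
export function updateNotificationsVulnerable(
  sessionUserId: string,
  body: { userId: string; prefs: Prefs },
): number {
  if (!users.has(sessionUserId)) return 401;
  prefs.set(body.userId, body.prefs);
  return 200;
}

// Assumed authorization rule for the example: users manage their own
// settings; admins manage everyone; a non-admin holding EDIT_USERS may manage
// ordinary users but never an admin (that path is the privilege escalation).
export function canEditNotifications(actor: User, target: User): boolean {
  if (actor.id === target.id) return true;
  if (actor.role === "admin") return true;
  return actor.permissions.has("EDIT_USERS") && target.role !== "admin";
}

// Hardened: the actor comes from the session, the target defaults to the
// actor, and acting on anyone else must pass canEditNotifications. Unknown
// targets get the same 403 as forbidden ones so the endpoint does not
// double as a user-ID oracle.
export function updateNotificationsSafe(
  sessionUserId: string,
  body: { userId?: string; prefs: Prefs },
): number {
  const actor = users.get(sessionUserId);
  if (!actor) return 401;
  const target = users.get(body.userId ?? actor.id);
  if (!target || !canEditNotifications(actor, target)) return 403;
  prefs.set(target.id, body.prefs);
  return 200;
}

// Stand-alone demonstration: bob, a non-admin, targets the admin alice.
seed();
console.log("vulnerable:", updateNotificationsVulnerable("bob", { userId: "alice", prefs: MUTED }));
seed();
console.log("hardened:  ", updateNotificationsSafe("bob", { userId: "alice", prefs: MUTED }));
```

The self-service route and the administrative route deserve separate handlers in a real application; folding both into one endpoint, as above, keeps the example short but is exactly what makes a body-supplied `userId` tempting to trust.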
NVD
added 2026/03/11 6:17 a.m., 2 views

CVE-2026-1867

The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a URL parameter to regenerate a .json file based on demo data that it initially creates. If an administrator modifies the demo form and enables admin notifications in the Guest posting / Frontend...

CVSS 5.9, EPSS 0.00065
Exploits: 0, References: 1
EUVD
added 2026/03/11 6:00 a.m., 2 views

EUVD-2026-11086

The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a URL parameter to regenerate a .json file based on demo data that it initially creates. If an administrator modifies the demo form and enables admin notifications in the Guest posting / Frontend...

AI score 5.8, EPSS 0.00065
Exploits: 0, References: 1
CVE
added 2026/03/11 6:00 a.m., 3 views

CVE-2026-1867

The CVE concerns the WordPress plugin Guest posting / Frontend Posting / Front Editor, vulnerable before version 5.0.6. An unauthenticated attacker can trigger export of all form data/settings (including the administrator’s email) by passing a URL parameter to regenerate a .json file derived from...

CVSS 5.9, AI score 5.8, EPSS 0.00065
Exploits: 0, References: 1
ATTACKERKB
added 2026/03/11 6:00 a.m., 2 views

CVE-2026-1867

The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a URL parameter to regenerate a .json file based on demo data that it initially creates. If an administrator modifies the demo form and enables admin notifications in the Guest posting / Frontend...

AI score 5.8, EPSS 0.00065
Exploits: 0, References: 1
Vulnrichment
added 2026/03/11 6:00 a.m., 0 views

CVE-2026-1867 WP Front User Submit < 5.0.6 - Unauthenticated Sensitive Information Exposure

The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a URL parameter to regenerate a .json file based on demo data that it initially creates. If an administrator modifies the demo form and enables admin notifications in the Guest posting / Frontend...

AI score 5.8, EPSS 0.00065
Exploits: 0, References: 1
Positive Technologies
added 2026/03/11 12:00 a.m., 1 view

PT-2026-24585

🚨 CVE-2026-1867 The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a URL parameter to regenerate a .json file based on demo data that it initially creates. If an administrator modifies the demo form and enables admin notifications in the Guest posting...

CVSS 5.9, AI score 5.8, EPSS 0.00065
Exploits: 0, References: 5
Vulnrichment
added 2025/11/06 8:45 p.m., 3 views

CVE-2025-64174 OpenMage is vulnerable to XSS in Admin Notifications

Magento-lts is a long-term support alternative to Magento Community Edition (CE). Versions 20.15.0 and below are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin with direct database access or the admin notification feed source to inject malicious scripts...

CVSS 4.6, AI score 5.3, EPSS 0.00034
Exploits: 1, References: 2
EUVD
added 2025/11/06 8:45 p.m., 2 views

EUVD-2025-37520

Magento-lts is a long-term support alternative to Magento Community Edition (CE). Versions 20.15.0 and below are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin with direct database access or the admin notification feed source to inject malicious scripts...

CVSS 4.6, AI score 5.2, EPSS 0.00034
Exploits: 1, References: 3
CVE
added 2025/11/06 8:45 p.m., 6 views

CVE-2025-64174

CVE-2025-64174 concerns the OpenMage/magento-lts project. A stored XSS vulnerability affects versions 20.15.0 and earlier, allowing an admin (with direct database access or via the admin notification feed) to inject malicious scripts through unescaped translation strings and URLs rendered in app/...

CVSS 4.8, AI score 5.3, EPSS 0.00034
Exploits: 1, References: 2, Affected Software: 1
Cvelist
added 2025/11/06 8:45 p.m., 6 views

CVE-2025-64174 OpenMage is vulnerable to XSS in Admin Notifications

Magento-lts is a long-term support alternative to Magento Community Edition (CE). Versions 20.15.0 and below are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin with direct database access or the admin notification feed source to inject malicious scripts...

CVSS 4.6, EPSS 0.00034
Exploits: 1, References: 2
OSV
added 2025/11/06 8:45 p.m., 2 views

CVE-2025-64174 OpenMage is vulnerable to XSS in Admin Notifications

Magento-lts is a long-term support alternative to Magento Community Edition (CE). Versions 20.15.0 and below are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin with direct database access or the admin notification feed source to inject malicious scripts...

CVSS 4.6, AI score 5.6, EPSS 0.00034
Exploits: 1, References: 4
OSV
added 2025/11/03 8:24 p.m., 3 views

GHSA-QV78-C8HC-438R OpenMage vulnerable to XSS in Admin Notifications

Summary: OpenMage versions v20.15.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin with direct database access or the admin notification feed source to inject malicious scripts into vulnerable fields. Malicious JavaScript may be execute...

CVSS 4.6, AI score 5.3, EPSS 0.00034
Exploits: 1, References: 4
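Both stored-XSS entries in this list sit in notification rendering: CtrlPanel (CVE-2026-34241) stores unsanitized ticket-reply text in a notification payload that is rendered later, and OpenMage (CVE-2025-64174) renders unescaped strings and URLs from the admin notification feed. The following is an added example, not code from either project: a notification template rendered first by plain concatenation and then with escaping chosen per output context, including the URL attribute, where HTML-escaping alone does not help. The payload fields, the base URL and the function names are assumptions made for the example.

```typescript
// Added example (not CtrlPanel or OpenMage code). A stored notification has a
// title and body (text context) and a link target (href attribute context).
// The unsafe renderer is the sink the advisories describe; the safe one
// escapes each value for the context it lands in.

interface Notification { title: string; body: string; url: string; }

// Vulnerable: stored values are concatenated straight into the HTML, so a
// reply containing markup executes in whichever staff browser opens the
// notification, which is what makes session hijacking possible.
export function renderUnsafe(n: Notification): string {
  return `<div class="notice"><b>${n.title}</b><p>${n.body}</p><a href="${n.url}">Open</a></div>`;
}

// Escaping for text nodes and double-quoted attribute values.
const HTML_ESCAPES: Record<string, string> = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};
export function escapeHtml(s: string): string {
  return s.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// A URL attribute needs more than escaping: "javascript:alert(1)" contains
// no character escapeHtml would touch. Parse it, allow only http(s), and
// escape the normalized result. Relative links resolve against an assumed
// application base URL; anything else collapses to a harmless "#".
const APP_BASE = "https://app.example.test/"; // assumption for the example
export function safeHref(raw: string): string {
  try {
    const u = new URL(raw, APP_BASE);
    if (u.protocol !== "https:" && u.protocol !== "http:") return "#";
    return escapeHtml(u.href);
  } catch {
    return "#";
  }
}

// Hardened renderer: same markup, every interpolation escaped for its context.
export function renderSafe(n: Notification): string {
  return `<div class="notice"><b>${escapeHtml(n.title)}</b><p>${escapeHtml(n.body)}</p><a href="${safeHref(n.url)}">Open</a></div>`;
}

// Stand-alone demonstration with a constructed malicious reply.
const stored: Notification = {
  title: "Re: ticket #42",
  body: '<img src=x onerror="alert(document.cookie)">',
  url: "javascript:alert(1)",
};
console.log("unsafe:", renderUnsafe(stored));
console.log("safe:  ", renderSafe(stored));
```

Escaping at render time, as here, is the fix that holds regardless of how the value got into the database; sanitizing on the way in, the approach a ticket system may already use for the reply itself, does nothing for notification rows written by another code path, by a feed, or by someone with direct database access, which is the OpenMage scenario. Marking the session cookie HttpOnly limits what a successful payload can read but does not remove the injection.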