Lucene search
K

859 matches found

EUVD
EUVD
added 2026/04/28 1:13 p.m.7 views

EUVD-2026-26045

mpGabinet performs client-side authentication. An attacker with access to any application instance connected to the backend server can bypass the login verification process by manipulating the application binary and authenticate as an arbitrary user. This issue affects mpGabinet version 23.12.19...

8.4CVSS5.5AI score0.00132EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/16 10:48 p.m.15 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity via the decidedByUserId field in approval-related endpoints. An attacker can forge decision attribution by supplying an arbitrary user identifier in the request body, causing the system to...

5.3CVSS5.9AI score
Exploits0References2
Patchstack
Patchstack
added 2026/04/16 12:34 a.m.6 views

WordPress Riaxe Product Customizer plugin <= 2.1.2 - Unauthenticated Arbitrary User Deletion via 'user_id' Parameter vulnerability

Unauthenticated Arbitrary User Deletion via 'userid' Parameter vulnerability discovered by Kai Aizen in WordPress Plugin Riaxe Product Customizer versions = 2.1.2...

5.3CVSS5.8AI score0.00441EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/04/14 8:40 a.m.31 views

CVE-2026-25654

The CVE describes a vulnerability in SINEC NMS affecting all versions prior to 4.0 SP3, where password-reset requests do not properly validate user authorization. This could allow an authenticated remote attacker to bypass authorization and reset the password of any arbitrary user account. In the...

8.8CVSS5.9AI score0.00453EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/04/09 11:29 p.m.4 views

WordPress MStore API plugin <= 4.18.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary User Meta Update vulnerability

Authenticated Subscriber+ Insecure Direct Object Reference to Arbitrary User Meta Update vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin MStore API versions = 4.18.3...

4.3CVSS5.9AI score0.00226EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/09 2:25 a.m.2 views

CVE-2026-3568

The MStore API plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.18.3. This is due to the updateuserprofile function in controllers/flutter-user.php processing the 'metadata' JSON parameter without any allowlist, blocklist, or validatio...

4.3CVSS6AI score0.00226EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/04/09 2:25 a.m.32 views

CVE-2026-3568 MStore API <= 4.18.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary User Meta Update

The MStore API plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.18.3. This is due to the updateuserprofile function in controllers/flutter-user.php processing the 'metadata' JSON parameter without any allowlist, blocklist, or validatio...

4.3CVSS0.00226EPSS
Exploits0References8
CVE
CVE
added 2026/04/09 2:25 a.m.15 views

CVE-2026-3568

CVE-2026-3568 affects the WordPress MStore API plugin up to version 4.18.3. The root cause is in update_user_profile() processing the raw JSON field 'meta_data' without validation, allowlisting, or sanitization, and then applying arbitrary keys/values to update_user_meta() after cookie-based auth...

4.3CVSS6AI score0.00226EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/04/08 1:55 p.m.4 views

CVE-2025-57854 Osus-operator: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain OpenShift Update Service OSUS images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, ev...

6.4CVSS6AI score0.00145EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/08 6:43 a.m.4 views

CVE-2026-3477 PZ Frontend Manager <= 1.0.6 - Missing Authorization to Arbitrary User Deletion via 'dataType' Parameter

The PZ Frontend Manager plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.0.6. The pzfmuserrequestactioncallback function, registered via the wpajaxpzfmuserrequestaction action hook, lacks both capability checks and nonce verification. This function...

5.3CVSS6AI score0.00319EPSS
Exploits0References7
NVD
NVD
added 2026/04/08 5:16 a.m.10 views

CVE-2026-4003

The Users manager – PN plugin for WordPress is vulnerable to Privilege Escalation via Arbitrary User Meta Update in all versions up to and including 1.1.15. This is due to a flawed authorization logic check in the userspnajaxnoprivserver function within the 'userspnformsave' case. The conditional...

9.8CVSS0.00889EPSS
Exploits0References12
Cvelist
Cvelist
added 2026/04/08 3:36 a.m.21 views

CVE-2026-4003 Users manager – PN <= 1.1.15 - Unauthenticated Privilege Escalation via Account Takeover via 'userspn_form_save' AJAX Action

The Users manager – PN plugin for WordPress is vulnerable to Privilege Escalation via Arbitrary User Meta Update in all versions up to and including 1.1.15. This is due to a flawed authorization logic check in the userspnajaxnoprivserver function within the 'userspnformsave' case. The conditional...

9.8CVSS0.00889EPSS
Exploits0References12
Patchstack
Patchstack
added 2026/04/08 2:4 a.m.6 views

WordPress PZ Frontend Manager plugin <= 1.0.6 - Missing Authorization to Arbitrary User Deletion via 'dataType' Parameter vulnerability

Missing Authorization to Arbitrary User Deletion via 'dataType' Parameter vulnerability discovered by theviper17y in WordPress Plugin pz-frontend-manager versions = 1.0.6...

5.3CVSS5.9AI score0.00319EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31310

A container privilege escalation flaw was found in certain Multicluster Engine for Kubernetes images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected containe...

6.4CVSS6.1AI score0.00113EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.3 views

PT-2026-31311

Name of the Vulnerable Software and Affected Versions Web Terminal images affected versions not specified Description A container privilege escalation flaw exists due to the /etc/passwd file being created with group-writable permissions during the build process. An attacker with command execution...

6.4CVSS6AI score0.00158EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/02 3:6 p.m.5 views

CVE-2026-33746 Convoy: JWT Signature Verification Bypass Allows Authentication as Arbitrary Users

Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode method did not verify the cryptographic signature of JWT tokens. While the method configured a symmetric HMAC-SHA256 signer via lcobucci/jwt, it only validated...

9.8CVSS5.9AI score0.003EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/02 3:6 p.m.17 views

CVE-2026-33746 Convoy: JWT Signature Verification Bypass Allows Authentication as Arbitrary Users

Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode method did not verify the cryptographic signature of JWT tokens. While the method configured a symmetric HMAC-SHA256 signer via lcobucci/jwt, it only validated...

9.8CVSS0.003EPSS
Exploits0References2
CVE
CVE
added 2026/04/02 3:6 p.m.11 views

CVE-2026-33746

Convoy (KVM server management panel) is vulnerable in versions 3.9.0-beta through

9.8CVSS5.9AI score0.003EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/27 10:51 p.m.6 views

CVE-2026-33541

TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 34, a flaw in TSPortal allowed attackers to create arbitrary user records in the database by abusing validation logic. Whil...

6.5CVSS5.9AI score0.00293EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/27 3:42 p.m.9 views

EUVD-2026-16398

TSPortal's Uncontrolled User Creation via Validation Side Effects Leads to Potential Denial of Service...

6.5CVSS5.9AI score0.00293EPSS
Exploits1References3
Rows per page
Query Builder