3975 matches found
PT-2026-46317
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In versions 4.9.0 through 5.0.0, an authenticated user with project-editor permissions can store arbitrary HTML/JavaScript in the ChartDatasetConfig.legend field. The...
PT-2026-46254
Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description A mass assignment issue exists in the user edit functionality. The application fails to sufficiently filter user-supplied fields in the UsersController::edit function, allowing it to accept a...
ParamStriker
ParamStriker Offline JSON & Query Parameter Exploit Frame...
CVE-2025-15656
Incorrect Privilege Assignment vulnerability in Mojoomla School Management allows Privilege Escalation. This issue affects School Management: from n/a through 93.2.0...
EUVD-2025-210049
Incorrect Privilege Assignment vulnerability in Mojoomla School Management allows Privilege Escalation. This issue affects School Management: from n/a through 93.2.0...
CVE-2025-15656 WordPress School Management plugin <= 93.2.0 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Mojoomla School Management allows Privilege Escalation. This issue affects School Management: from n/a through 93.2.0...
CVE-2025-15656
CVE-2025-15656 is an Incorrect Privilege Assignment vulnerability affecting the WordPress School Management plugin (the CVE entry and related records list affected scope as WordPress School Management up to version 93.2.0). The underlying issue is privilege escalation via improper privilege assig...
CVE-2025-15656 WordPress School Management plugin <= 93.2.0 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Mojoomla School Management allows Privilege Escalation. This issue affects School Management: from n/a through 93.2.0...
PT-2026-45911
Incorrect Privilege Assignment vulnerability in Mojoomla School Management allows Privilege Escalation. This issue affects School Management: from n/a through 93.2.0...
CVE-2025-53209
Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation. This issue affects Masteriyo LMS PRO: from n/a through 2.20.0...
CVE-2025-53209
Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation. This issue affects Masteriyo LMS PRO: from n/a through 2.20.0...
CVE-2025-53209 WordPress Masteriyo LMS PRO plugin <= 2.20.0 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation. This issue affects Masteriyo LMS PRO: from n/a through 2.20.0...
CVE-2025-53209
Masteriyo LMS PRO (WordPress)
EUVD-2025-210035
Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation. This issue affects Masteriyo LMS PRO: from n/a through 2.20.0...
CVE-2026-48879
Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation. This issue affects AIWU: from n/a through 1.4.17...
CVE-2026-42680
Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...
CVE-2026-42680
Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...
CVE-2026-42680 WordPress Contest Gallery Pro plugin <= 29.0.1 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...
CVE-2026-42680
CVE-2026-42680 : Affected product is the WordPress plugin Contest Gallery Pro up to version 29.0.1. The vulnerability is an Incorrect Privilege Assignment that allows privilege escalation. The CVSS 3.1 base score is 9.8 (CRITICAL) with attack vector NETWORK, no user interaction, and requires no p...
EUVD-2026-33657
Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...