161062 matches found
GHSA-6V32-FJC9-9QF6 Nest: Middleware Bypass on Fastify via Trailing Slash
Impact An authentication bypass vulnerability exists in @nestjs/platform-fastify confirmed on version 11.1.24, the latest available release at time of report. When middleware is registered through NestJS's MiddlewareConsumer.forRoutes API on the Fastify adapter, an unauthenticated client can bypa...
EUVD-2026-36888
Unauthenticated Broken Authentication in RegistrationMagic = 6.0.8.6 versions...
CVE-2026-49764 WordPress RegistrationMagic plugin <= 6.0.8.6 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in RegistrationMagic = 6.0.8.6 versions...
CVE-2026-49764
CVE-2026-49764 concerns the WordPress plugin RegistrationMagic (≤ 6.0.8.6). The vulnerability is an unauthenticated broken authentication issue, exploitable over the network without user interaction. Affected component: RegistrationMagic core/plugin. Underlying impact per the metadata is high acr...
CVE-2026-49764 WordPress RegistrationMagic plugin <= 6.0.8.6 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in RegistrationMagic = 6.0.8.6 versions...
CVE-2026-49110 WordPress Upsell Order Bump Offer for WooCommerce plugin <= 3.1.4 - Price Manipulation vulnerability
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce = 3.1.4 versions...
EUVD-2026-36885
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce = 3.1.4 versions...
EUVD-2026-36866
Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...
CVE-2026-48970 WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...
CVE-2026-48970 WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...
CVE-2026-48970
The CVE affects WordPress the Really Simple SSL plugin (versions
EUVD-2026-36837
Unauthenticated Broken Authentication in Masteriyo - LMS = 2.1.8 versions...
CVE-2026-42743 WordPress Masteriyo - LMS plugin <= 2.1.8 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Masteriyo - LMS = 2.1.8 versions...
CVE-2026-42743 WordPress Masteriyo - LMS plugin <= 2.1.8 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Masteriyo - LMS = 2.1.8 versions...
CVE-2026-42668 WordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.18.0 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend = 1.18.0 versions...
EUVD-2026-36833
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend = 1.18.0 versions...
CVE-2026-42668
CVE-2026-42668 affects WordPress plugin Email Marketing for WooCommerce by Omnisend (versions
CVE-2026-42668 WordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.18.0 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend = 1.18.0 versions...
CVE-2026-42411 WordPress CloudSecure WP Security plugin <= 1.4.7 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in CloudSecure WP Security = 1.4.7 versions...
EUVD-2026-36814
Unauthenticated Broken Authentication in CloudSecure WP Security = 1.4.7 versions...