Lucene search
K

1858 matches found

Nuclei
Nuclei
added yesterday16 views

PublishPress Capabilities < 2.3.1 - Missing Authorization

The PublishPress Capabilities plugin for WordPress before 2.3.1 does not have proper authorization and CSRF checks when updating settings via the init hook, allowing unauthenticated attackers to update arbitrary blog options, such as setting the default role to administrator. id: CVE-2021-25032...

9.8CVSS7.1AI score0.06745EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday21 views

WordPress ProfilePress <= 3.1.3 - Privilege Escalation

ProfilePress plugin before 3.1.4 allows privilege escalation. Due to insufficient validation in the profile update functionality, authenticated users can supply arbitrary usermeta fields, including wpcapabilities, during profile updates. This enables a user to escalate their privileges to...

9.8CVSS7.1AI score0.0412EPSS
Exploits2References2
EUVD
EUVD
added 3 days ago10 views

EUVD-2026-43118

The WP Grid Builder plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.3.3. This is due to missing authorization and meta key validation in the update handler for the /wp-json/wpgb/v2/metadata REST endpoint. This makes it possible for authenticated...

8.8CVSS6.1AI score0.00309EPSS
Exploits0References2
CVE
CVE
added 6 days ago13 views

CVE-2026-9842

The CVE-2026-9842 entry concerns the Backstage - Customizer Demo Access plugin for WordPress (up to version 1.4.2). The root cause is that the plugin assigns the manage_options capability to the backstage_customizer_user demo role, which is more permissive than required for a Demo Access/Customiz...

7.5CVSS6AI score0.00256EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 8:16 a.m.8 views

CVE-2026-12224

The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via updatecapabilities REST Endpoint in all versions up to, and including, 5.0.4. This is due to the updatecapabilities REST handler accepting arbitrary capability strings from the request body and passing them directly to...

8.8CVSS0.00246EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 6:51 a.m.8 views

EUVD-2026-40928

The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via updatecapabilities REST Endpoint in all versions up to, and including, 5.0.4. This is due to the updatecapabilities REST handler accepting arbitrary capability strings from the request body and passing them directly to...

8.8CVSS5.7AI score0.00246EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 6:51 a.m.38 views

CVE-2026-12224 Dokan Pro <= 5.0.4 - Authenticated (Vendor+) Privilege Escalation via update_capabilities REST Endpoint

The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via updatecapabilities REST Endpoint in all versions up to, and including, 5.0.4. This is due to the updatecapabilities REST handler accepting arbitrary capability strings from the request body and passing them directly to...

8.8CVSS0.00246EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 6:51 a.m.21 views

CVE-2026-12224

The CVE-2026-12224 entry concerns the Dokan Pro plugin for WordPress. The vulnerability arises in the update_capabilities REST endpoint, which accepts arbitrary capability strings from the request body and passes them to WP_User::add_cap() without allowlist validation, with only the caller’s doka...

8.8CVSS5.7AI score0.00246EPSS
Exploits0References2
NVD
NVD
added 2026/06/28 2:16 a.m.11 views

CVE-2026-58053

Gitea actrunner with the Docker backend through act 0.262.0 passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, forces only the Privileged flag off while merging options such as --pid=host, --cap-add, and --security-op...

9.9CVSS0.00265EPSS
Exploits0References2
CVE
CVE
added 2026/06/28 1:32 a.m.59 views

CVE-2026-58053

Gitea act_runner (Docker backend) up to act 0.262.0 is vulnerable: the workflow.container.options are merged into the Docker job container HostConfig, and if privileged is set to false, only the Privileged flag is disabled while options such as --pid=host, --cap-add, and --security-opt remain. A ...

9.9CVSS5.8AI score0.00265EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist...

8.7CVSS6.2AI score0.00131EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 6:24 p.m.7 views

Malicious code in @appupdate/cdn-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 445a7b613694730e29915d732e3df0700d145622b279b62b0a141c76211e6f14 Package @appupdate/cdn-sync ships as a thin koffi wrapper around prebuilt Go cgo native libraries 12MB linux.so, 11MB darwin.dylib for x64/arm64. The...

5.9AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.9 views

SUSE CVE-2026-53188

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

8.8CVSS5.8AI score0.00136EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 11:52 p.m.5 views

CVE-2026-53257

A flaw was found in the Linux kernel. An issue within the mac80211 Wi-Fi subsystem, specifically related to the enforcement of High Efficiency HE and Extremely High Throughput EHT capabilities and operations, could lead to a system crash. This vulnerability arises when HE/EHT capabilities are set...

5.5CVSS5.8AI score0.00104EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39321

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist capabilities. When querying a VF vport with a larger configured max via...

6AI score0.00131EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52284

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA core where the ib get ucaps function fails to properly validate the passed-in file operations fops. Because character and block devices can share the same dev...

8.8CVSS6AI score0.00136EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52325

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc6 Description A slab-out-of-bounds issue exists in the mlx5 query nic vport mac list function. The function determines the size of the firmware command buffer based on the Physical Function PF log max...

8.7CVSS6.2AI score0.00131EPSS
Exploits0References13
Ubuntu
Ubuntu
added 2026/06/23 7:9 p.m.8 views

USN-8193-2: libcap vulnerability

USN-8193-1 fixed a vulnerability in libcap. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Ali Raza discovered that libcap incorrectly handled file capability updates. A local attacker could...

7CVSS6AI score0.00188EPSS
Exploits1
OSV
OSV
added 2026/06/23 7:9 p.m.3 views

USN-8193-2 libcap2 vulnerability

USN-8193-1 fixed a vulnerability in libcap. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Ali Raza discovered that libcap incorrectly handled file capability updates. A local attacker could...

7CVSS6AI score0.00188EPSS
Exploits1References2
NVD
NVD
added 2026/06/17 1:21 p.m.12 views

CVE-2026-8383

The LearnPress WordPress plugin before 4.3.7 does not gate the edit context on one of its REST endpoint behind the editusers capability, allowing unauthenticated visitors to retrieve each returned user's roles, full capabilities map, extra capabilities, locale, and registration date via a crafted...

5.3CVSS0.00424EPSS
Exploits0References1
Rows per page
Query Builder