219072 matches found
EUVD-2026-36773
Incorrect access control in the /form/webhooks/webhook endpoint of Deck9 Input v2.0.1 allows authenticated attackers to arbitrarily modify or delete another tenant's webhook via a crafted request...
EUVD-2026-36748
A Time-Based Blind SQL Injection vulnerability in the aliasmanagement module of OpenSIPS Control Panel opensips-cp prior to version 9.3.3 allows authenticated attackers to execute arbitrary SQL commands via the 'table' GET parameter in aliasmanagement.php...
CVE-2026-49065
Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce = 1.9.5 versions...
CVE-2026-49070
Unauthenticated Broken Access Control in Knit Pay = 9.4.0.0 versions...
CVE-2026-48883
Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...
CVE-2026-48887
Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...
CVE-2026-48873
Unauthenticated Broken Access Control in Montonio for WooCommerce = 10.1.2 versions...
CVE-2026-47261
Wasmtime is a runtime for WebAssembly. In versions prior to 24.0.9, 36.0.10, and 44.0.2, when a filesystem preopen is given DirPerms::all and FilePerms::READ without FilePerms::WRITE, this access control mechanism can be bypassed via the wasip2 descriptor.open-at or wasip1 pathopen interfaces by...
CVE-2026-42664
Unauthenticated Broken Access Control in AI Product Search for WooCommerce Motive Commerce Search = 1.38.2 versions...
CVE-2026-42666
Unauthenticated Broken Access Control in Salon booking system = 10.30.25 versions...
CVE-2026-42659
Subscriber Broken Access Control in Advanced Form Integration = 1.126.12 versions...
CVE-2026-42651
Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...
CVE-2026-40788
Subscriber Broken Access Control in ChatBot = 7.9.7 versions...
CVE-2026-40794
Subscriber Broken Access Control in myCred = 3.0.3 versions...
CVE-2026-40793
Subscriber Broken Access Control in Groundhogg 4.4.1 versions...
CVE-2026-40795
Subscriber Broken Access Control in Amelia = 2.2 versions...
CVE-2026-40775
Unauthenticated Broken Access Control in Royal MCP = 1.4.2 versions...
CVE-2026-40776
Unauthenticated Broken Access Control in WP Event SOlution = 4.1.8 versions...
CVE-2026-40782
Unauthenticated Broken Access Control in WPAdverts = 2.3.0 versions...
CVE-2026-40743
Unauthenticated Broken Access Control in Tutor LMS = 3.9.7 versions...