1125 matches found
EUVD-2026-4230
Missing Authorization vulnerability in themebeez Simple GDPR Cookie Compliance simple-gdpr-cookie-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple GDPR Cookie Compliance: from n/a through = 2.0.0...
EUVD-2026-4229
Missing Authorization vulnerability in themebeez Universal Google Adsense and Ads manager universal-google-adsense-and-ads-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Universal Google Adsense and Ads manager: from n/a through = 1.1.8...
EUVD-2026-4224
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Review penci-review allows Stored XSS.This issue affects Penci Review: from n/a through = 3.5...
EUVD-2026-4254
Missing Authorization vulnerability in bestwebsoft Multilanguage by BestWebSoft multilanguage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multilanguage by BestWebSoft: from n/a through = 1.5.2...
EUVD-2026-4244
Authorization Bypass Through User-Controlled Key vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NextMove Lite: from n/a through = 2.23.0...
EUVD-2026-4241
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Retrieve Embedded Sensitive Data.This issue affects AWP Classifieds: from n/a through = 4.4.3...
EUVD-2026-4226
Missing Authorization vulnerability in topdevs Smart Product Viewer smart-product-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Product Viewer: from n/a through = 1.5.4...
EUVD-2026-4357
Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SumUp Payment Gateway For WooCommerce: from n/a through = 2.7.9...
EUVD-2026-4350
Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through = 7.0.5...
EUVD-2026-4359
Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through = 2.9.5...
EUVD-2026-4348
Missing Authorization vulnerability in WisdmLabs Edwiser Bridge edwiser-bridge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Edwiser Bridge: from n/a through = 4.3.2...
EUVD-2026-4239
Missing Authorization vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentBoards: from n/a through = 1.91.1...
EUVD-2026-4363
Server-Side Request Forgery SSRF vulnerability in Prince Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through = 2.0.91...
EUVD-2026-4375
Missing Authorization vulnerability in ABCdatos Protección de datos RGPD proteccion-datos-rgpd allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protección de datos RGPD: from n/a through = 0.68...
EUVD-2026-4373
Missing Authorization vulnerability in Prince Integrate Google Drive integrate-google-drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a through = 1.5.5...
EUVD-2026-4394
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Nova Blocks nova-blocks allows DOM-Based XSS.This issue affects Nova Blocks: from n/a through = 2.1.9...
EUVD-2026-4397
Cross-Site Request Forgery CSRF vulnerability in Timur Kamaev Kama Thumbnail kama-thumbnail allows Cross Site Request Forgery.This issue affects Kama Thumbnail: from n/a through = 3.5.1...
EUVD-2026-4399
In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshakereqsubmit replaces sk-skdestruct but never restores it when submission fails before the request is hashed. handshakeskdestruct then returns early and the original...
EUVD-2026-4395
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix a memory leak in tpm2loadcmd 'tpm2loadcmd' allocates a tempoary blob indirectly via 'tpm2keydecode' but it is not freed in the failure paths. Address this by wrapping the blob into with a cleanup helper...
EUVD-2026-4411
In the Linux kernel, the following vulnerability has been resolved: usb: phy: isp1301: fix non-OF device reference imbalance A recent change fixing a device reference leak in a UDC driver introduced a potential use-after-free in the non-OF case as the isp1301getclient helper only increases the...