Lucene search
K

252 matches found

nvd
nvd
added 5 days ago9 views

CVE-2026-14250

The Themehunk Login Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.0.2. This is due to the handlefrontendregister function in the unauthenticated /thlogin/v1/register REST endpoint accepting a user-controlled 'role' parameter and...

6.3CVSS0.00209EPSS
Exploits0References6
cve
cve
added 5 days ago13 views

CVE-2026-14250

The CVE-2026-14250 issue affects the Themehunk Login Registration plugin for WordPress up to version 1.0.2. The root cause is in handle_frontend_register() at the unauthenticated /thlogin/v1/register REST endpoint, which accepts a user-controlled role parameter and validates it only against get_e...

6.3CVSS5.8AI score0.00209EPSS
Exploits0References6
osv
osv
added 2026/06/25 6:43 p.m.3 views

GO-2026-5219 Grafana OSS: Authorization bypass allows users with Editor role to modify protected webhook URLs without permissions in github.com/grafana/grafana

Grafana OSS: Authorization bypass allows users with Editor role to modify protected webhook URLs without permissions in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this...

5.4CVSS5.8AI score0.00238EPSS
Exploits0References5
cvelist
cvelist
added 2026/06/23 8:11 p.m.31 views

CVE-2026-47387 NocoDB: Stored Cross-Site Scripting via Form View Redirect URL

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the shared form-view submit handler packages/nc-gui/composables/useSharedFormViewStore.ts in NocoDB writes the form's redirecturl to window.location.href after a same-host check that does not validate the URL scheme. A...

8.4CVSS0.00234EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/23 3:47 p.m.7 views

CVE-2026-54307

n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, a member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to...

8.5CVSS5.7AI score0.00315EPSS
Exploits0References2Affected Software1
patchstack
patchstack
added 2026/06/18 3:44 p.m.6 views

WordPress Blocksy Companion plugin <= 2.1.45 - Authenticated (Editor+) Stored Cross-Site Scripting vulnerability

Authenticated Editor+ Stored Cross-Site Scripting vulnerability discovered by Pasindu Dilshan K4PXD - HACK KAP PVT LTD in WordPress Plugin Blocksy Companion versions = 2.1.45...

4.4CVSS5.2AI score0.00208EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/06/16 12:0 a.m.19 views

PT-2026-50173

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.55 n8n versions prior to 2.25.7 n8n versions prior to 2.26.2 Description An open source workflow automation platform contains an issue where a member-level user with editor access to a shared workflow can reference...

9.6CVSS5.9AI score0.00315EPSS
Exploits0References6
cvelist
cvelist
added 2026/06/12 8:43 p.m.34 views

CVE-2026-45011 Apostrophe has stored XSS via javascript: URL in Image Widget Link

ApostropheCMS is an open-source Node.js content management system. Version 4.29.0 has a stored cross-site scripting vulnerability in the image widget functionality. A user with the Editor role can configure an image widget link to use a javascript: URL payload. Because editors have permission to...

7.3CVSS0.00211EPSS
Exploits0References2
euvd
euvd
added 2026/06/12 8:43 p.m.10 views

EUVD-2026-36567

ApostropheCMS is an open-source Node.js content management system. Version 4.29.0 has a stored cross-site scripting vulnerability in the image widget functionality. A user with the Editor role can configure an image widget link to use a javascript: URL payload. Because editors have permission to...

7.3CVSS5.3AI score0.00211EPSS
Exploits0References2
cve
cve
added 2026/06/12 8:43 p.m.25 views

CVE-2026-45011

CVE-2026-45011 affects ApostropheCMS 4.29.0, where a stored XSS can be injected via a javascript: URL in an image widget link. A user with Editor rights can publish the widget, enabling arbitrary JavaScript execution when a viewer clicks the link. Public patch status: at time of publication there...

7.3CVSS5.2AI score0.00211EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/05 12:0 a.m.16 views

PT-2026-47085

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.05.1 Description The shared form-view submit handler in packages/nc-gui/composables/useSharedFormViewStore.ts fails to validate the URL scheme when writing the redirect url to window.location.href. While a same-ho...

8.4CVSS5.9AI score0.00234EPSS
Exploits0References9
redhatcve
redhatcve
added 2026/05/18 7:58 p.m.12 views

CVE-2026-41195

mosparo is the modern solution to protect your online forms from spam. Prior to 1.4.13, the automatic rule package source URL feature allows a project member with the editor role to store an attacker-controlled URL that the server later fetches. Because the server follows http/https redirects and...

5CVSS5.8AI score0.00197EPSS
Exploits0References1
euvd
euvd
added 2026/05/16 3:25 p.m.10 views

EUVD-2020-31237

WordPress Theme Wibar 1.1.8 contains a stored cross-site scripting vulnerability in the Brand component that allows authenticated users to inject malicious scripts by manipulating the Logo URL parameter. Attackers with editor, administrator, contributor, or author privileges can inject...

6.4CVSS5.9AI score0.00243EPSS
Exploits0References4
osv
osv
added 2026/05/14 6:27 p.m.5 views

GHSA-5F64-7VFC-RCX6 Apostrophe has stored XSS via javascript: URL in Image Widget Link

Summary A stored cross-site scripting vulnerability was identified in the image widget functionality. A user with the Editor role can configure an image widget link to use a javascript: URL payload. Because editors have permission to publish pages, the malicious widget can be published to the liv...

7.3CVSS5.8AI score0.00211EPSS
Exploits0References4
github
github
added 2026/05/14 6:27 p.m.16 views

Apostrophe has stored XSS via javascript: URL in Image Widget Link

Summary A stored cross-site scripting vulnerability was identified in the image widget functionality. A user with the Editor role can configure an image widget link to use a javascript: URL payload. Because editors have permission to publish pages, the malicious widget can be published to the liv...

7.3CVSS5.8AI score0.00211EPSS
Exploits0References4Affected Software1
osv
osv
added 2026/05/13 3:29 p.m.6 views

GHSA-J274-39QW-32C9 Grav: Twig sandbox allows editor-role users to exfiltrate all plugin secrets via Config::toArray()

Summary The Twig sandbox allow-list permits any user with the admin.pages role to call config.toArray from within a page body, dumping the entire merged site configuration — including all plugin secrets SMTP passwords, AWS keys, OAuth client secrets, API tokens — into the rendered HTML. No...

7.7CVSS5.8AI score0.00276EPSS
Exploits1References4
github
github
added 2026/05/13 3:29 p.m.9 views

Grav: Twig sandbox allows editor-role users to exfiltrate all plugin secrets via Config::toArray()

Summary The Twig sandbox allow-list permits any user with the admin.pages role to call config.toArray from within a page body, dumping the entire merged site configuration — including all plugin secrets SMTP passwords, AWS keys, OAuth client secrets, API tokens — into the rendered HTML. No...

7.7CVSS5.8AI score0.00276EPSS
Exploits1References4Affected Software1
attackerkb
attackerkb
added 2026/05/12 9:24 p.m.7 views

CVE-2026-41195

mosparo is the modern solution to protect your online forms from spam. Prior to 1.4.13, the automatic rule package source URL feature allows a project member with the editor role to store an attacker-controlled URL that the server later fetches. Because the server follows http/https redirects and...

5CVSS5.8AI score0.00197EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/05/12 9:24 p.m.21 views

CVE-2026-41195

In mosparo, a vulnerability exists prior to version 1.4.13 where a project member with the editor role can abuse the automatic rule package source URL feature to store an attacker-controlled URL that the server fetches. The server follows HTTP/HTTPS redirects and does not restrict private or loop...

5CVSS5.8AI score0.00197EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/11 3:47 p.m.50 views

CVE-2026-44738 Grav: Twig sandbox allows editor-role users to exfiltrate all plugin secrets via Config::toArray()

Grav is a file-based Web platform. Prior to 2.0.0-rc.2, the Twig sandbox allow-list permits any user with the admin.pages role to call config.toArray from within a page body, dumping the entire merged site configuration — including all plugin secrets SMTP passwords, AWS keys, OAuth client secrets...

7.7CVSS0.00276EPSS
Exploits1References1
Rows per page
Query Builder