2367 matches found
Ocean Extra <= 2.4.6 - Unauthenticated Shortcode Execution
The Ocean Extra plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.4.6. This is due to the software allowing users to supply arbitrary shortcodes in the contentrechdata parameter that is then executed. This makes it possible for...
Emerson Dixell XWEB-500 - Arbitrary File Write
Emerson Dixell XWEB-500 contains an arbitrary file write caused by unauthenticated access to /cgi-bin/logoextraupload.cgi, /cgi-bin/calsave.cgi, and /cgi-bin/loutils.cgi, letting attackers write any file on the system, exploit requires no authentication. id: CVE-2021-45420 info: name: Emerson...
WordPress Ocean Extra <1.9.5 - Cross-Site Scripting
WordPress Ocean Extra plugin before 1.9.5 contains a cross-site scripting vulnerability. The plugin does not escape generated links which are then used when the OceanWP theme is active. id: CVE-2021-25104 info: name: WordPress Ocean Extra 1.9.5 - Cross-Site Scripting author: Akincibor severity:...
CVE-2026-46637
Twig is a template language for PHP. Prior to 3.26.0, several filters in twig/markdown-extra and twig/cssinliner-extra are registered with issafe = all, causing Twig to treat plain text or HTML output as safe in HTML, JavaScript, CSS, URL, and other contexts where the output is not properly...
CVE-2026-46637
CVE-2026-46637 concerns Twig (PHP template engine). Before 3.26.0, the filters in twig/markdown-extra (html_to_markdown, markdown_to_html) and twig/cssinliner-extra (inline_css) were registered with is_safe => [all], causing their output to be treated as safe in contexts where escaping is requ...
CVE-2026-57390 WordPress Extra Product Options Builder for WooCommerce plugin <= 1.2.167 - Broken Access Control vulnerability
Missing Authorization vulnerability in EDGARROJAS Extra Product Options Builder for WooCommerce additional-product-fields-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extra Product Options Builder for WooCommerce: from n/a through =...
CVE-2026-57390
The CVE concerns the WordPress plugin “Extra Product Options Builder for WooCommerce” (also listed as additional-product-fields-for-woocommerce). A Missing Authorization/Broken Access Control vulnerability affects the plugin in versions up to and including 1.2.167, enabling exploitation due to in...
CVE-2026-13250
The Solace Extra plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.5.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to permanently delete all...
EUVD-2026-43141
The Solace Extra plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.5.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to permanently delete all...
CVE-2026-13250 Solace Extra <= 1.5.3 - Missing Authorization to Unauthenticated Arbitrary Content Deletion via delete_previously_imported AJAX Action
The Solace Extra plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.5.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to permanently delete all...
CVE-2026-13250
Solace Extra (WordPress) up to version 1.5.3 is affected by an authorization bypass in the delete_previously_imported AJAX action. The issue allows unauthenticated users to permanently delete content imported via the Starter Template (posts, pages, media, WooCommerce products, terms, sitebuilder ...
EUVD-2026-42549
The Blocksy Companion plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 2.1.46 via the saveattachments function. This is due to the Custom Fonts extension registering a wpcheckfiletypeandext filter that approves any filename containing .woff2 or .tt...
CVE-2026-15158
Blocksy Companion
CVE-2026-15158
The Blocksy Companion plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 2.1.46 via the saveattachments function. This is due to the Custom Fonts extension registering a wpcheckfiletypeandext filter that approves any filename containing .woff2 or .tt...
PT-2026-56760
Name of the Vulnerable Software and Affected Versions Blocksy Companion versions prior to 2.1.47 Description The Blocksy Companion plugin for WordPress allows unauthenticated arbitrary file upload through the save attachments function. The issue occurs because the Custom Fonts extension uses a wp...
WordPress Extra Product Options Builder for WooCommerce plugin <= 1.2.167 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by VanTastic in WordPress Plugin Extra Product Options Builder for WooCommerce versions = 1.2.167...
PYSEC-2026-1259 CodeChecker open redirect when URL contains multiple slashes after the product name
Summary --- CodeChecker versions up to 6.24.5 contain an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL's path segment. This results in bypassing protections against CVE-2021-28861, leading to the same open redirect pathway. Detai...
GHSA-473P-56XX-VG67 Kiwi TCMS vulnerable to stored XSS via JavaScript: URI in extra_link field (TestPlan & TestCase)
Summary In Kiwi TCMS the fields TestCase.extralink and TestPlan.extralink were meant to represent URLs to external resources however in versions prior to 16.1 user input was not being sanitized and values were rendered verbatim which represents an opportunity for cross-site scripting exploitation...
CVE-2026-57572
Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browserconfig.extraargs, which flowed into Chromium's launch arguments. An attacker could inject Chromium switches that replace a child-process launch command together...
CVE-2026-57572 Crawl4AI: Unauthenticated RCE via Chromium launch-argument injection in browser_config.extra_args
Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browserconfig.extraargs, which flowed into Chromium's launch arguments. An attacker could inject Chromium switches that replace a child-process launch command together...