Lucene search
K

11269 matches found

NVD
NVD
added 2026/03/21 12:16 a.m.3 views

CVE-2026-3474

The EmailKit – Email Customizer for WooCommerce & WP plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 1.6.3. This is due to the action function in the TemplateData class passing user-supplied input from the 'emailkit-editor-templat...

4.9CVSS0.00397EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.7 views

PT-2026-26882

The JetFormBuilder plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 3.5.6.2. This is due to the 'Uploaded File::set from array' method accepting user-supplied file paths from the Media Field preset JSON payload without validating...

7.5CVSS5.9AI score0.00397EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.9 views

WordPress plugin JetFormBuilder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.9AI score0.00397EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.15 views

PT-2026-26833

The Task Manager plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.0.2 via the callback get text from url function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files o...

6.5CVSS5.9AI score0.00252EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/20 11:25 p.m.2 views

CVE-2026-3474

The EmailKit – Email Customizer for WooCommerce & WP plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 1.6.3. This is due to the action function in the TemplateData class passing user-supplied input from the 'emailkit-editor-templat...

4.9CVSS5.9AI score0.00397EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/03/20 11:25 p.m.31 views

CVE-2026-3474 EmailKit <= 1.6.3 - Authenticated (Administrator+) Path Traversal via 'emailkit-editor-template' REST API Parameter

The EmailKit – Email Customizer for WooCommerce & WP plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 1.6.3. This is due to the action function in the TemplateData class passing user-supplied input from the 'emailkit-editor-templat...

4.9CVSS0.00397EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/03/20 11:25 p.m.6 views

CVE-2026-3474 EmailKit <= 1.6.3 - Authenticated (Administrator+) Path Traversal via 'emailkit-editor-template' REST API Parameter

The EmailKit – Email Customizer for WooCommerce & WP plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 1.6.3. This is due to the action function in the TemplateData class passing user-supplied input from the 'emailkit-editor-templat...

4.9CVSS5.9AI score0.00397EPSS
Exploits0References8
CVE
CVE
added 2026/03/20 11:25 p.m.12 views

CVE-2026-3474

Technical details such as affected versions, vulnerable components, and remediation steps are not publicly provided in the supplied documents; monitor for updates.

4.9CVSS5.9AI score0.00397EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/03/20 10:34 p.m.3 views

CVE-2026-33476 SiYuan has an Unauthenticated Arbitrary File Read via Path Traversal

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the Siyuan kernel exposes an unauthenticated file-serving endpoint under /appearance/filepath. Due to improper path sanitization, attackers can perform directory traversal and read arbitrary files accessible to the server...

7.5CVSS5.8AI score0.03256EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/20 10:34 p.m.21 views

CVE-2026-33476 SiYuan has an Unauthenticated Arbitrary File Read via Path Traversal

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the Siyuan kernel exposes an unauthenticated file-serving endpoint under /appearance/filepath. Due to improper path sanitization, attackers can perform directory traversal and read arbitrary files accessible to the server...

7.5CVSS0.03256EPSS
Exploits1References2
CVE
CVE
added 2026/03/20 10:34 p.m.22 views

CVE-2026-33476

SiYuan kernel has an unauthenticated file-serving endpoint at /appearance/*filepath prior to version 3.6.2. Due to improper path sanitization, an attacker can perform directory traversal and read arbitrary files accessible to the server, bypassing authentication. Multiple sources (NVD, Red Hat ad...

7.5CVSS5.8AI score0.03256EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/20 10:34 p.m.2 views

CVE-2026-33476 SiYuan has an Unauthenticated Arbitrary File Read via Path Traversal

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the Siyuan kernel exposes an unauthenticated file-serving endpoint under /appearance/filepath. Due to improper path sanitization, attackers can perform directory traversal and read arbitrary files accessible to the server...

7.5CVSS6.4AI score0.03256EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/20 10:30 p.m.0 views

CVE-2026-33194 SiYuan has an Incomplete Fix for IsSensitivePath Denylist Allows File Read from /opt, /usr, /home

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the IsSensitivePath function in kernel/util/path.go uses a denylist approach that was recently expanded GHSA-h5vh-m7fg-w5h6, commit 9914fd1 but remains incomplete. Multiple security-relevant Linux directories are not blocke...

6.8CVSS5.8AI score0.00489EPSS
Exploits1References1
NVD
NVD
added 2026/03/20 10:16 p.m.4 views

CVE-2026-33171

Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.14 and 6.7.0, authenticated Control Panel users could read arbitrary .json, .yaml, and .csv files from the server by manipulating the file dictionary's filename configuration parameter in the fieldtype's...

4.3CVSS0.00348EPSS
Exploits0References1
NVD
NVD
added 2026/03/20 10:16 p.m.8 views

CVE-2026-33166

Allure 2 is the version 2.x branch of Allure Report, a multi-language test reporting tool. The Allure report generator prior to version 2.38.0 is vulnerable to an arbitrary file read via path traversal when processing test results. An attacker can craft a malicious result file -result.json,...

8.6CVSS0.00539EPSS
Exploits1References1
NVD
NVD
added 2026/03/20 10:16 p.m.8 views

CVE-2026-23536

A security issue was discovered in the Feast Feature Server's /read-document endpoint that allows an unauthenticated remote attacker to read any file accessible to the server process. By sending a specially crafted HTTP POST request, an attacker can bypass intended access restrictions to...

7.5CVSS0.00594EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/20 9:58 p.m.3 views

CVE-2026-23536 Feast: unauthenticated arbitrary file read

A security issue was discovered in the Feast Feature Server's /read-document endpoint that allows an unauthenticated remote attacker to read any file accessible to the server process. By sending a specially crafted HTTP POST request, an attacker can bypass intended access restrictions to...

7.5CVSS5.9AI score0.00594EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/20 9:58 p.m.20 views

CVE-2026-23536 Feast: unauthenticated arbitrary file read

A security issue was discovered in the Feast Feature Server's /read-document endpoint that allows an unauthenticated remote attacker to read any file accessible to the server process. By sending a specially crafted HTTP POST request, an attacker can bypass intended access restrictions to...

7.5CVSS0.00594EPSS
Exploits0References2
CVE
CVE
added 2026/03/20 9:58 p.m.9 views

CVE-2026-23536

The CVE-2026-23536 issue affects Feast Feature Server, specifically the /read-document endpoint, allowing an unauthenticated remote attacker to read any file accessible to the server process. The root cause is a bypass of access restrictions via a crafted HTTP POST request, enabling potential exp...

7.5CVSS5.9AI score0.00594EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/20 9:38 p.m.2 views

CVE-2026-33166

Allure 2 is the version 2.x branch of Allure Report, a multi-language test reporting tool. The Allure report generator prior to version 2.38.0 is vulnerable to an arbitrary file read via path traversal when processing test results. An attacker can craft a malicious result file -result.json,...

8.6CVSS6AI score0.00539EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder