Lucene search
+L

5 matches found

CVE
CVE
added 2026/04/14 11:41 p.m.40 views

CVE-2026-39984

CVE-2026-39984 – Sigstore Timestamp Authority (tsa/timestamp-authority/v2/pkg/verification) : Versions 2.0.5 and earlier contain an authorization bypass in VerifyTimestampResponse. The code validates the certificate chain correctly but applies TSA-specific constraints using the first non-CA certi...

5.5CVSS5.8AI score0.00099EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/04/06 8:16 p.m.9 views

CVE-2026-35182

Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization check found in the update role endpoint at routes/web.php. The POST route for /rights/update-role/id lacks the checkUserPermissions:assign-user-roles middleware. This allows any authenticated user to...

8.8CVSS0.00336EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/11/12 11:24 p.m.8 views

WordPress Page Builder: Pagelayer – Drag and Drop website builder plugin <= 2.0.5 - Authenticated (Author+) Insecure Direct Object Reference vulnerability

Authenticated Author+ Insecure Direct Object Reference vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin PageLayer versions = 2.0.5...

4.3CVSS6.7AI score0.00232EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/10/25 3:2 a.m.7 views

WordPress Password Policy Manager plugin <= 2.0.5 - Missing Authorization to Authenticated (Subscriber+) Configuration Log Out vulnerability

Missing Authorization to Authenticated Subscriber+ Configuration Log Out vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Password Policy Manager versions = 2.0.5...

4.3CVSS6.9AI score0.00184EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/08/20 9:7 a.m.9 views

WordPress Themify Audio Dock Plugin <= 2.0.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Themify Audio Dock versions = 2.0.5...

5.9CVSS6AI score0.0021EPSS
Exploits0Affected Software1
Rows per page
Query Builder