2 matches found
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 CVSS score: 10.0, relates to an instance of incorrect privilege assignment that an attacker could abuse to run arbitrary scripts...
WordPress Homey Theme <= 2.4.4 is vulnerable to Broken Access Control
Software Homey Type Theme Vulnerable versions = 2.4.4 Fixed in 2.4.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2025-1326 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f04df5696a52 Credits a00n Required privilege Subscriber...