2 matches found
CVE-2026-6331
HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...
WordPress ShopLentor plugin <= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL Parameter vulnerability
Unauthenticated Server-Side Request Forgery via URL Parameter vulnerability discovered by mikemyers in WordPress Plugin ShopLentor versions = 3.1.2...