89552 matches found
CVE-2026-24574 WordPress Export WP Page to Static HTML/CSS plugin <= 6.0.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...
CVE-2026-24574
Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...
CVE-2026-24574 WordPress Export WP Page to Static HTML/CSS plugin <= 6.0.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...
CVE-2026-24574
CVE-2026-24574 concerns the WordPress plugin Export WP Page to Static HTML/CSS (versions up to and including 6.0.0). The issue is a Cross-Site Request Forgery (CSRF) vulnerability in this plugin, with CVSSv3.1: base score 6.5 (Medium). Attack vector: Network; attack complexity: Low; privileges re...
EUVD-2026-31743
Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...
EUVD-2026-31742
Cross-Site Request Forgery CSRF vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...
CVE-2026-24597
Cross-Site Request Forgery CSRF vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...
CVE-2026-24597 WordPress Organization chart plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...
CVE-2026-24597 WordPress Organization chart plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...
CVE-2026-24597
The CVE concerns the WordPress Organization Chart plugin (WpDevArt) for WordPress, affected versions up to 1.7.5. The issue is a Cross-Site Request Forgery (CSRF) vulnerability in the Organization chart component, allowing unauthorized actions to be performed by an authenticated user in some cont...
WordPress Organization chart plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by daroo in WordPress Plugin Organization chart versions = 1.7.5...
CVE-2026-44598
With valid login credentials, URL Redirection to Untrusted Site 'Open Redirect', Server-Side Request Forgery SSRF vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module. Users are recommended t...
CVE-2026-44598 Apache Shiro Jakarta EE module: Open redirect and SSRF (requires valid credentials)
With valid login credentials, URL Redirection to Untrusted Site 'Open Redirect', Server-Side Request Forgery SSRF vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module. Users are recommended t...
CVE-2026-44598 Apache Shiro Jakarta EE module: Open redirect and SSRF (requires valid credentials)
With valid login credentials, URL Redirection to Untrusted Site 'Open Redirect', Server-Side Request Forgery SSRF vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module. Users are recommended t...
CVE-2026-44598
Apache Shiro Jakarta EE module contains an open redirect and SSRF vulnerability (CVE-2026-44598) that affects Shiro 2.0-alpha through 2.1.0 and 3.0.0-alpha-1 when using the shiro-jakarta-ee integration. After login, the shiroSavedRequest cookie can be forged and used to redirect the server to an ...
EUVD-2026-31739
With valid login credentials, URL Redirection to Untrusted Site 'Open Redirect', Server-Side Request Forgery SSRF vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module. Users are recommended t...
CVE-2026-44598
With valid login credentials, URL Redirection to Untrusted Site 'Open Redirect', Server-Side Request Forgery SSRF vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module. Users are recommended t...
CVE-2026-9486
A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks...
CVE-2026-48843
Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16,and 1.7.x before 1.7.1 has Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts. The issue stems from an insufficient fix fo...
CVE-2026-9486 SourceCodester Student Grades Management System cross-site request forgery
A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks...