Lucene search
K

7 matches found

Cvelist
Cvelist
added 2026/03/07 1:21 a.m.28 views

CVE-2026-2494 ProfileGrid <= 5.9.8.2 - Cross-Site Request Forgery to Group Membership Request Approval/Denial

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.8.2. This is due to missing nonce validation on the membership request management page approve and decline actions. This makes it...

4.3CVSS0.00131EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/07 1:21 a.m.3 views

CVE-2026-2494 ProfileGrid <= 5.9.8.2 - Cross-Site Request Forgery to Group Membership Request Approval/Denial

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.8.2. This is due to missing nonce validation on the membership request management page approve and decline actions. This makes it...

4.3CVSS5.6AI score0.00131EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/07 1:21 a.m.7 views

CVE-2026-2494

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.8.2. This is due to missing nonce validation on the membership request management page approve and decline actions. This makes it...

4.3CVSS5.6AI score0.00131EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-2764

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00435EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 3:39 p.m.6 views

CVE-2020-5502

phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships...

6.5CVSS6.8AI score0.00435EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/15 8:56 a.m.8 views

CVE-2024-7296

An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2 which allowed a user with a custom permission to approve pending membership requests beyond the maximum number of allowed users...

2.7CVSS6.2AI score0.00339EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/13 12:0 a.m.3 views

GitLab Enterprise Edition 安全漏洞

GitLab Enterprise Edition EE is a content management system from the American company GitLab. A security vulnerability exists in GitLab Enterprise Edition versions 16.5 through before 17.7.7, 17.8 through before 17.8.5, and 17.9 through before 17.9.2, which stems from the ability of a user with...

2.7CVSS6.3AI score0.00339EPSS
Exploits1References2
Rows per page
Query Builder