CVE-2026-2494

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.8.2. This is due to missing nonce validation on the membership request management page approve and decline actions. This makes it...

Discourse 资源管理错误漏洞

Discourse is an open source community discussion platform. The platform includes community, email and chat room features. A resource management error vulnerability exists in Discourse versions prior to 3.0.1 stable, 3.1.0.beta2 beta and test-passed, which stems from a large amount of data floodin...