7072 matches found
CVE-2026-32404 WordPress Studio99 WP Monitor plugin <= 1.0.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Studio99 Studio99 WP Monitor studio99-wp-monitor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Studio99 WP Monitor: from n/a through <= 1.0.3...
CVE-2026-32404
Missing Authorization vulnerability in Studio99 Studio99 WP Monitor studio99-wp-monitor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Studio99 WP Monitor: from n/a through <= 1.0.3...
PT-2026-25250
Missing Authorization vulnerability in Studio99 Studio99 WP Monitor studio99-wp-monitor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Studio99 WP Monitor: from n/a through <= 1.0.3...
WordPress plugin Studio99 WP Monitor security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...
Microsoft Windows Image File Execution Options (IFEO) Persistence
This PHP script leverages legitimate Windows debugging features to establish persistent remote access. This technique leverages the Image File Execution Options IFEO registry keys to configure a monitor process that automatically executes when a specified target process exits. Windows allows...
CVE-2026-32308
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the Markdown viewer component renders Mermaid diagrams with securityLevel: "loose" and injects the SVG output via innerHTML. This configuration explicitly allows interactive event bindings in Mermaid diagrams,...
CVE-2026-32308
OneUptime prior to version 10.0.23 is affected by a Stored XSS in the Markdown viewer’s Mermaid diagram rendering. The renderer uses securityLevel: "loose" and injects Mermaid SVG output via innerHTML, allowing interactive bindings and enabling XSS via Mermaid’s click directive to execute arbitra...
EUVD-2026-11665
Uptime Kuma is Missing Authorization Checks on Ping Badge Endpoint, Leaks Ping times of monitors without needing to be on a status page...
Uptime Kuma security vulnerability
Uptime Kuma is an easy-to-use, self-hosted monitoring tool developed by Louis Lam as a personal project. Versions of Uptime Kuma from 2.0.0 to 2.1.3 contained security vulnerabilities. These vulnerabilities stemmed from the lack of verification that the monitored devices belonged to public groups...
OpenClaw has an unspecified vulnerability (CNVD-2026-13596)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from a Webhook routing issue in the Google Chat monitor component, which can be exploited by an attacker to cause cross-account policy context misrouting that bypass...
WordPress plugin Modular DS: Monitor, update, and backup multiple websites cross-site request forgery vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
EUVD-2026-10535
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application leaks confidential information in metadata, and files such as information on contributors and email address, on SSM Server...
EUVD-2026-10536
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application leaks confidential information in metadata, and files such as information on contributors and email address, on SSM Server...
CVE-2026-27661
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application leaks confidential information in metadata, and files such as information on contributors and email address, on SSM Server...
CVE-2026-30957 OneUptime Synthetic Monitor RCE via exposed Playwright browser object
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, OneUptime Synthetic Monitors allow a low-privileged authenticated project user to execute arbitrary commands on the oneuptime-probe server/container. The root cause is that untrusted Synthetic Monitor code is...
CVE-2026-27661
CVE-2026-27661 affects Siemens SINEC Security Monitor (all versions < V4.9.0). The vulnerability causes information disclosure by leaking confidential data in metadata and files such as contributor information and email addresses on the SSM Server. Connected advisories from Red Hat, ENISA ENIS...