Lucene search
K

7 matches found

CVE
CVE
added 2026/02/26 2:23 a.m.21 views

CVE-2026-1779

The vulnerability CVE-2026-1779 affects the WordPress plugin User Registration & Membership (UP to version 5.1.2). The root cause is an incorrect authentication path in the register_member function, enabling unauthenticated attackers to log in a newly registered user who has the urm_user_just_cre...

8.1CVSS5.3AI score0.00335EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/26 2:23 a.m.4 views

CVE-2026-1779 User Registration & Membership <= 5.1.2 - Authentication Bypass

The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.2. This is due to incorrect authentication in the 'registermember' function. This makes it possible for unauthenticated attackers to log in a newly registered user ...

8.1CVSS5.3AI score0.00335EPSS
Exploits0References2
Snyk
Snyk
added 2025/06/16 4:1 p.m.2 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment when a new user logs in via SSH and does not exist in the user database, the session assigns the user to the root group. An attacker can gain elevated privileges by authenticating as a new user through SSH...

8.5CVSS7.2AI score0.00255EPSS
Exploits0References2
Snyk
Snyk
added 2025/06/16 4:1 p.m.1 views

Incorrect Privilege Assignment

Overview github.com/ubuntu/authd/internal/users is an authentication daemon for external Broker Affected versions of this package are vulnerable to Incorrect Privilege Assignment when a new user logs in via SSH and does not exist in the user database, the session assigns the user to the root grou...

8.5CVSS7.2AI score0.00255EPSS
Exploits0References2
NVD
NVD
added 2025/04/14 9:15 p.m.23 views

CVE-2023-27272

IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into the system...

8.8CVSS0.00226EPSS
Exploits0References1
OSV
OSV
added 2025/04/14 9:15 p.m.5 views

CVE-2023-27272

IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into the system...

8.8CVSS5.5AI score0.00226EPSS
Exploits0References1
OSV
OSV
added 2021/04/09 6:15 p.m.5 views

CVE-2020-13533

A privilege escalation vulnerability exists in Dream Report 5 R20-2. IIn the default configuration, the following registry keys, which reference binaries with weak permissions, can be abused by attackers to effectively ‘backdoor’ the installation files and escalate privileges when a new user logs...

7.8CVSS7.1AI score0.00418EPSS
Exploits1References1
Rows per page
Query Builder