Lucene search
K

183 matches found

Cvelist
Cvelist
added 2026/04/10 6:0 a.m.23 views

CVE-2026-4432 YITH WooCommerce Wishlist < 4.13.0 - Unauthenticated Arbitrary Wishlist Renaming via IDOR

The YITH WooCommerce Wishlist WordPress plugin before 4.13.0 does not properly validate wishlist ownership in the savetitle AJAX handler before allowing wishlist renaming operations. The function only checks for a valid nonce, which is publicly exposed in the page source of the /wishlist/ page,...

0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.8 views

Chamilo LMS 安全漏洞

Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS prior to 1.11.38 and 2.0.0-RC.3 contained security vulnerabilities. These vulnerabilitie...

7.1CVSS5.9AI score0.00193EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

Chamilo LMS 安全漏洞

Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS prior to 1.11.38 and 2.0.0-RC.3 contained security vulnerabilities. These vulnerabilitie...

7.1CVSS5.9AI score0.0028EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

WordPress plugin YITH WooCommerce Wishlist 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

6.5CVSS5.9AI score0.00226EPSS
Exploits0References1
Hacker One
Hacker One
added 2026/04/05 7:15 a.m.21 views

Revive Adserver: Missing access control when linking banners or campaigns to zones

A missing access control check was identified when linking banners or campaigns to a zone through the zone-include.php script of Revive Adserver 6.0.6 and earlier, or via its API. This could have allowed a low-privileged user to link their zones to banners or campaigns owned by other managers on...

4.3CVSS5.7AI score0.00235EPSS
Exploits1
OSV
OSV
added 2026/04/03 3:30 p.m.5 views

GHSA-VPH7-R229-QXPF Focalboard doesn't validate file ownership when serving uploaded files

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to validate file ownership when serving uploaded files. This allows an authenticated attacker who knows a victim's fileID to read the content of the file. NOTE: Focalboard as a standalone product is not maintained and no fix will be issued...

4.3CVSS5.9AI score0.00221EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/27 6:36 p.m.13 views

MCP Ruby SDK: Insufficient Session Binding Allows SSE Stream Hijacking via Session ID Replay

Summary The Ruby SDK's streamablehttptransport.rb implementation contains a session hijacking vulnerability. An attacker who obtains a valid session ID can completely hijack the victim's Server-Sent Events SSE stream and intercept all real-time data. Details Root Cause The StreamableHTTPTransport...

8.2CVSS5.9AI score0.00465EPSS
Exploits1References11Affected Software1
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.7 views

WWBN AVideo 安全漏洞

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 26.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of the save.json.php endpoint in the AI plugin, which loaded AI response objects using a...

4.3CVSS5.8AI score0.00214EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28616

Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description The plugin/PlayLists/View/Playlists schedules/add.json.php endpoint in AVideo allows authenticated users with streaming permission to create or modify broadcast schedules for any playlist,...

6.3CVSS5.8AI score0.00249EPSS
Exploits1References7
RubySec
RubySec
added 2026/03/27 12:0 a.m.7 views

MCP Ruby SDK - Insufficient Session Binding Allows SSE Stream Hijacking via Session ID Replay

Summary The Ruby SDK's streamablehttptransport.rb implementation contains a session hijacking vulnerability. An attacker who obtains a valid session ID can completely hijack the victim's Server-Sent Events SSE stream and intercept all real-time data. Details Root Cause The StreamableHTTPTransport...

8.2CVSS5.8AI score0.00465EPSS
Exploits1References1Affected Software1
Snyk
Snyk
added 2026/03/26 4:56 p.m.3 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the improper enforcement of access controls in the ReadAll and GetTaskAttachment processes. An attacker can gain unauthorized access to and delete file attachments across all...

9.3CVSS5.9AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.4 views

CVE-2026-30959

OneUptime is a solution for monitoring and managing online services. The resend-verification-code endpoint allows any authenticated user to trigger a verification code resend for any UserWhatsApp record by ID. Ownership is not validated unlike the verify endpoint. This affects the...

5.3CVSS5.9AI score0.00371EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-1704

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.9.29. This is due to the getitempermissionscheck method granting access to users with the...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:4 p.m.4 views

CVE-2026-3453

The ProfilePress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.16.11. This is due to missing ownership validation on the changeplansubid parameter in the processcheckout function. The ppressprocesscheckout AJAX handler accepts a...

8.1CVSS5.8AI score0.00379EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.7 views

CVE-2026-31820

Sylius is an Open Source eCommerce Framework on Symfony. An authenticated Insecure Direct Object Reference IDOR vulnerability exists in multiple shop LiveComponents due to unvalidated resource IDs accepted via LiveArg parameters. Unlike props, which are protected by LiveComponent's @checksum, arg...

7.1CVSS5.8AI score0.0029EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.6 views

PT-2026-28386

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.6 Description Open WebUI is a self-hosted artificial intelligence platform designed for offline operation. A flaw exists where any authenticated user can access private memories and files belonging to other...

3.1CVSS5.9AI score0.00253EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.17 views

PT-2026-28534

Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description The AVideo platform’s AI plugin contains a flaw in the save.json.php endpoint. This endpoint loads AI response objects using the $ REQUEST'id' parameter, which is controlled by the attacker,...

4.3CVSS5.9AI score0.00214EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.5 views

PT-2026-28385

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.6 Description Open WebUI is an artificial intelligence platform designed for offline operation. A missing access control check when deleting files from a knowledge base allows a user with write access to a...

5.4CVSS6AI score0.00252EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/03/11 7:8 a.m.3 views

CVE-2026-28433

Misskey is an open source, federated social media platform. All Misskey servers running versions 10.93.0 and later, but prior to 2026.3.1, contain a vulnerability that allows importing other users' data due to lack of ownership validation. The impact of this vulnerability is estimated to be...

4.3CVSS5.8AI score0.00221EPSS
Exploits0References1
OSV
OSV
added 2026/03/11 12:12 a.m.29 views

GHSA-2XC6-348P-C2X6 Sylius affected by IDOR in Cart and Checkout LiveComponents

Impact An authenticated Insecure Direct Object Reference IDOR vulnerability exists in multiple shop LiveComponents due to unvalidated resource IDs accepted via LiveArg parameters. Unlike props, which are protected by LiveComponent's @checksum, args are fully user-controlled - any action that...

7.1CVSS5.9AI score0.0029EPSS
Exploits0References3
Rows per page
Query Builder