6276 matches found
CVE-2024-41144
Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5, 9.8.x = 9.8.1 fail to properly validate synced posts, when shared channels are enabled, which allows a malicious remote to create/update/delete arbitrary posts in arbitrary channels...
CVE-2023-45603
Unrestricted Upload of File with Dangerous Type vulnerability in Jeff Starr User Submitted Posts – Enable Users to Submit Posts from the Front End.This issue affects User Submitted Posts – Enable Users to Submit Posts from the Front End: from n/a through 20230902...
CVE-2025-14937
creationtimestamp| type| source ---|---|--- 2026-01-09 08:40:43+00:00| seen| https://gist.github.com/Darkcrai86/71f91f53bac596a9788663f4d7c9b0e9 2026-01-09 08:56:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mby4u5yalp2e 2026-01-09 09:02:04+00:00| seen|...
CVE-2025-14741
creationtimestamp| type| source ---|---|--- 2026-01-09 08:39:53+00:00| seen| https://gist.github.com/Darkcrai86/f14f43a714e7cd715a9ed0a8094eb18d 2026-01-09 08:53:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mby4o6vuke2y 2026-01-09 09:01:39+00:00| seen|...
CVE-2025-13753
The WP Table Builder – Drag & Drop Table Builder plugin for WordPress is vulnerable to unauthorized modification of data due to an incorrect authorization check on the savetable function in all versions up to, and including, 2.0.19. This makes it possible for authenticated attackers, with...
CVE-2025-14718
The Schedule Post Changes With PublishPress Future plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.9.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated...
WordPress plugin WP Table Builder – Drag & Drop Table Builder 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2026-1712
Name of the Vulnerable Software and Affected Versions WP Table Builder – Drag & Drop Table Builder plugin for WordPress versions up to and including 2.0.19 Description The WP Table Builder – Drag & Drop Table Builder plugin for WordPress has a flaw where data can be modified without proper...
PT-2026-1753
Name of the Vulnerable Software and Affected Versions Frontend Admin by DynamiApps versions through 3.28.25 Description The Frontend Admin by DynamiApps plugin for WordPress is affected by a missing authorization check, allowing unauthorized data modification and deletion. Specifically, a missing...
PT-2026-1750
Name of the Vulnerable Software and Affected Versions PublishPress Future versions through 4.9.3 Description The Schedule Post Changes With PublishPress Future plugin for WordPress has an authorization bypass issue. The plugin does not properly verify user authorization, allowing authenticated...
CVE-2025-15464
creationtimestamp| type| source ---|---|--- 2026-01-08 22:23:28+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwzht4bxl2v 2026-01-08 22:24:56+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwzkh2pnb2p 2026-01-08 23:06:31+00:00|...
CVE-2025-68719
creationtimestamp| type| source ---|---|--- 2026-01-08 22:00:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwy7mh4al2b 2026-01-08 22:01:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwyb4ephd2a 2026-01-08 23:59:35+00:00| seen|...
CVE-2025-68717
creationtimestamp| type| source ---|---|--- 2026-01-08 22:00:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwy7eszjo2u 2026-01-08 22:01:41+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwyauiw2g22 2026-01-08 23:54:35+00:00| seen|...
CVE-2025-68716
creationtimestamp| type| source ---|---|--- 2026-01-08 22:00:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwy75iho62u 2026-01-08 22:01:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwyanfjhd2b 2026-01-08 23:49:35+00:00| seen|...
CVE-2026-22255
creationtimestamp| type| source ---|---|--- 2026-01-08 16:56:17+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwh6rcagt2b 2026-01-08 16:58:56+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwhdjd75l2b 2026-01-08 16:59:25+00:00| seen|...
CVE-2026-22034
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...
CVE-2025-14025
creationtimestamp| type| source ---|---|--- 2026-01-08 15:00:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwaqmb5rv2v 2026-01-08 15:01:31+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbwarkscob2a 2026-01-08 15:03:50+00:00|...
EUVD-2026-1676
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...
CVE-2026-0719
creationtimestamp| type| source ---|---|--- 2026-01-08 13:17:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbw2xedgcz2t 2026-01-08 13:17:57+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mbw2yekpm52e 2026-01-08 14:01:19+00:00| seen|...
CVE-2026-22589
creationtimestamp| type| source ---|---|--- 2026-01-08 11:25:09+00:00| published-proof-of-concept| https://github.com/spree/spree/security/advisories/GHSA-3ghg-3787-w2xr 2026-01-10 05:00:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mc2a4yog3v22 2026-01-10 05:02:44+00:0...