
6234 matches found

EUVD
added 2026/04/01 10:06 p.m., 5 views

EUVD-2026-18081

CI4MS: Blogs Posts Categories Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS...

CVSS 9.1 | AI score 5.8 | EPSS 0.00269
Exploits: 1 | References: 2
OSV
added 2026/04/01 10:05 p.m., 2 views

GHSA-XGH5-W62M-8MPR CI4MS: Menu Management (Posts) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary. Vulnerability: Stored DOM XSS via Posts Added to Menu. Persistent Payload Injection: Stored Cross-Site Scripting via Unsafe Rendering of Post Entries in Menu Management. Description: The application fails to properly sanitize user-controlled input when adding Posts to navigation menus throu...

CVSS 9.1 | AI score 6.2 | EPSS 0.00269
Exploits: 1 | References: 4
Github Security Blog
added 2026/04/01 10:05 p.m., 5 views

CI4MS: Menu Management (Posts) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary. Vulnerability: Stored DOM XSS via Posts Added to Menu. Persistent Payload Injection: Stored Cross-Site Scripting via Unsafe Rendering of Post Entries in Menu Management. Description: The application fails to properly sanitize user-controlled input when adding Posts to navigation menus throu...

CVSS 9.1 | AI score 6.2 | EPSS 0.00269
Exploits: 1 | References: 4 | Affected software: 1
Snyk
added 2026/04/01 10:05 p.m., 5 views

Cross-site Scripting (XSS)

Overview: ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the menu management process when user-controlled input is added to navigation menus via the Posts section and rendered without proper output...

CVSS 9.1 | AI score 6 | EPSS 0.00269
Exploits: 1 | References: 2
Cvelist
added 2026/04/01 9:28 p.m., 19 views

CVE-2026-34568 CI4MS: Blogs Posts Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog posts. An attacker can inject a...

CVSS 9.1 | EPSS 0.00317
Exploits: 1 | References: 2
ATTACKERKB
added 2026/04/01 9:28 p.m., 4 views

CVE-2026-34568

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog posts. An attacker can inject a...

CVSS 9.1 | AI score 5.7 | EPSS 0.00317
Exploits: 1 | References: 3 | Affected software: 1
CVE
added 2026/04/01 9:28 p.m., 6 views

CVE-2026-34568

CVE-2026-34568 affects CI4MS, a CodeIgniter 4-based CMS skeleton. The root cause is improper sanitization of user-controlled input when creating or editing blog posts, allowing a stored JavaScript payload in blog content. The payload is stored server-side and later rendered in multiple views with...

CVSS 9.1 | AI score 5.7 | EPSS 0.00317
Exploits: 1 | References: 2 | Affected software: 1
ATTACKERKB
added 2026/04/01 9:28 p.m., 3 views

CVE-2026-34567

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog posts within the Categories...

CVSS 9.1 | AI score 5.7 | EPSS 0.00269
Exploits: 1 | References: 3 | Affected software: 1
CVE
added 2026/04/01 9:28 p.m., 10 views

CVE-2026-34567

CI4MS (CodeIgniter 4-based CMS skeleton) prior to 0.31.0.0 is vulnerable to stored XSS in the Categories section of blog posts due to insufficient input sanitization. An attacker can inject JavaScript into Categories content, which is stored server-side and rendered unsafely when viewing blog pos...

CVSS 9.1 | AI score 5.7 | EPSS 0.00269
Exploits: 1 | References: 2 | Affected software: 1
Vulnrichment
added 2026/04/01 9:26 p.m., 6 views

CVE-2026-34565 CI4MS: Menu Management (Posts) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when adding Posts to navigation menus through the Menu Manageme...

CVSS 9.1 | AI score 5.7 | EPSS 0.00269
Exploits: 1 | References: 2
Circl
added 2026/04/01 3:26 p.m., 2 views

CVE-2026-34430

creationtimestamp | type | source
---|---|---
2026-04-01 15:26:09+00:00 | seen | Telegram/LPiyqtmOsuMBSJ4TiscGzigzJ0idlnzzivv75bN9d93RTXE
2026-04-01 16:29:46+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mih4frky4p2r
2026-04-01 16:50:34+00:00 | seen | ...

CVSS 9.6 | AI score 4.8 | EPSS 0.004
Exploits: 0 | References: 2
Circl
added 2026/04/01 2:51 p.m., 2 views

CVE-2026-35093

creationtimestamp | type | source
---|---|---
2026-04-01 14:51:39+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3migwwdkm2v2r
2026-04-01 14:52:27+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3migwxqyjga2h
2026-04-01 15:26:18+00:00 | ...

CVSS 8.8 | AI score 4.8 | EPSS 0.00179
Exploits: 0 | References: 4
Circl
added 2026/04/01 2:51 p.m., 4 views

CVE-2026-35092

creationtimestamp | type | source
---|---|---
2026-04-01 14:51:31+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3migww42ltn27
2026-04-01 14:52:19+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3migwxj4al52x
2026-04-01 15:26:18+00:00 | ...

CVSS 7.5 | AI score 4.7 | EPSS 0.00994
Exploits: 1 | References: 4
Circl
added 2026/04/01 2:51 p.m., 3 views

CVE-2026-35091

creationtimestamp | type | source
---|---|---
2026-04-01 14:51:25+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3migwvvhdlz2c
2026-04-01 14:52:10+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3migwxbh3tn2t
2026-04-01 15:19:16+00:00 | seen | ...

CVSS 8.2 | AI score 4.7 | EPSS 0.00867
Exploits: 1 | References: 4
Circl
added 2026/04/01 7:49 a.m., 2 views

CVE-2026-34725

creationtimestamp | type | source
---|---|---
2026-04-01 07:49:06+00:00 | published-proof-of-concept | https://github.com/dbgate/dbgate/security/advisories/GHSA-35xm-qvjg-8m42
2026-04-02 19:27:20+00:00 | published-proof-of-concept | Telegram/zJs9VhJAI5JOvrL4hzeWnrOleMDgHArbbwhOuzjaL80cudA
2026-04-03...

CVSS 8.2 | AI score 5.7 | EPSS 0.00168
Exploits: 0 | References: 3
EUVD
added 2026/04/01 6:31 a.m., 7 views

EUVD-2026-17816

The Export All URLs WordPress plugin before 5.1 generates CSV filenames containing post URLs, including private posts, in a predictable pattern using a random 6-digit number. These files are stored in the publicly accessible wp-content/uploads/ directory. As a result, any unauthenticated user can...

CVSS 5.3 | AI score 5.9 | EPSS 0.00301
Exploits: 0 | References: 2
NVD
added 2026/04/01 6:16 a.m., 6 views

CVE-2026-2696

The Export All URLs WordPress plugin before 5.1 generates CSV filenames containing post URLs, including private posts, in a predictable pattern using a random 6-digit number. These files are stored in the publicly accessible wp-content/uploads/ directory. As a result, any unauthenticated user can...

CVSS 5.3 | EPSS 0.00301
Exploits: 0 | References: 1
ATTACKERKB
added 2026/04/01 6:00 a.m., 4 views

CVE-2026-2696

The Export All URLs WordPress plugin before 5.1 generates CSV filenames containing post URLs, including private posts, in a predictable pattern using a random 6-digit number. These files are stored in the publicly accessible wp-content/uploads/ directory. As a result, any unauthenticated user can...

CVSS 5.3 | AI score 5.9 | EPSS 0.00301
Exploits: 0 | References: 1
Vulnrichment
added 2026/04/01 6:00 a.m., 10 views

CVE-2026-2696 Export All URLs < 5.1 - Unauthenticated Sensitive Data Exposure

The Export All URLs WordPress plugin before 5.1 generates CSV filenames containing post URLs, including private posts, in a predictable pattern using a random 6-digit number. These files are stored in the publicly accessible wp-content/uploads/ directory. As a result, any unauthenticated user can...

AI score 5.9 | EPSS 0.00301
Exploits: 0 | References: 1
CVE
added 2026/04/01 6:00 a.m., 14 views

CVE-2026-2696

The CVE-2026-2696 entry concerns the WordPress plugin Export All URLs (versions before 5.1). Affected component: the plugin's CSV filename generation uses a predictable pattern based on a random 6-digit number, and exported CSVs are stored in publicly accessible wp-content/uploads. This enables a...

CVSS 5.3 | AI score 5.9 | EPSS 0.00301
Exploits: 0 | References: 1