Lucene search
+L

10 matches found

NVD
NVD
added 3 days ago8 views

CVE-2026-33731

WWBN AVideo is an open source video platform. In versions prior to 29.0, the Authorize.Net webhook handler at plugin/AuthorizeNet/webhook.php contains a signature verification bypass that allows an attacker to forge webhook requests with arbitrary payment amounts and target user IDs. By supplying...

6.5CVSS0.00205EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.9 views

CVE-2026-7686

A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...

6.9CVSS5.7AI score0.00363EPSS
Exploits0References1
NVD
NVD
added 2026/05/03 8:16 a.m.25 views

CVE-2026-7686

A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...

6.9CVSS0.00363EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/03 7:30 a.m.8 views

CVE-2026-7686

A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...

6.9CVSS5.7AI score0.00363EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/03 7:30 a.m.6 views

CVE-2026-7686 eyeo Adblock Plus Legacy Premium Activation premium.preload.js postMessage access control

A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...

6.9CVSS5.7AI score0.00363EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/03 7:30 a.m.13 views

EUVD-2026-26824

A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...

6.9CVSS5.4AI score0.00363EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/03 7:30 a.m.49 views

CVE-2026-7686 eyeo Adblock Plus Legacy Premium Activation premium.preload.js postMessage access control

A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...

6.9CVSS0.00363EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/03 12:0 a.m.12 views

Adblock Plus 安全漏洞

Adblock Plus is an advertising blocker developed by Ad-IP under open source principles. Versions of Adblock Plus 4.36.2 and earlier contain a security vulnerability, which stems from the postMessage function in the Legacy Premium Activation component’s premium.preload.js file. This vulnerability...

6.9CVSS6.1AI score0.00363EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.17 views

PT-2026-36689

A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...

6.9CVSS5.7AI score0.00363EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/11/27 12:0 a.m.12 views

PT-2025-48261

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpfc db fix callback function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS5.1AI score0.00195EPSS
Exploits0References4
Rows per page
Query Builder