Lucene search
K

319 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/14 6:44 a.m.6 views

CVE-2026-3892

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.4.107. This is due to insufficient file path validation in the become-dealer logo upload flow. The plugin allows any authenticated user to...

8.1CVSS5.9AI score0.00256EPSS
Exploits0References3
CVE
CVE
added 2026/05/14 6:44 a.m.21 views

CVE-2026-3892

The Motors – Car Dealership & Classified Listings Plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to 1.4.107 due to insufficient file path validation in the become-dealer logo upload flow. An authenticated user with subscriber+ access can set an arbitrary filesyst...

8.1CVSS5.9AI score0.00256EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/14 6:44 a.m.8 views

CVE-2026-3892 Motors – Car Dealer, Classifieds & Listing <= 1.4.107 - Authenticated (Subscriber+) Arbitrary File Deletion via 'stm_dealer_logo_path' Parameter

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.4.107. This is due to insufficient file path validation in the become-dealer logo upload flow. The plugin allows any authenticated user to...

8.1CVSS5.9AI score0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/09 7:9 p.m.35 views

CVE-2026-42562 Plainpad: Privilege Escalation via Writable Admin Field in Profile Update (Access Control)

Plainpad is a self hosted note taking app. Prior to version 1.1.1, Plainpad allows a low-privilege authenticated user to self-escalate to administrator by submitting admin=true in PUT /api.php/v1/users/id. The endpoint directly persists the admin attribute from user input, and the escalated accou...

8.3CVSS0.00261EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/09 7:9 p.m.7 views

CVE-2026-42562 Plainpad: Privilege Escalation via Writable Admin Field in Profile Update (Access Control)

Plainpad is a self hosted note taking app. Prior to version 1.1.1, Plainpad allows a low-privilege authenticated user to self-escalate to administrator by submitting admin=true in PUT /api.php/v1/users/id. The endpoint directly persists the admin attribute from user input, and the escalated accou...

8.3CVSS5.7AI score0.00261EPSS
Exploits0References4
CVE
CVE
added 2026/05/09 7:9 p.m.12 views

CVE-2026-42562

Plainpad (self-hosted note-taking app) is affected prior to version 1.1.1. A low-privilege, authenticated user can escalate to administrator by submitting admin=true in PUT /api.php/v1/users/{id}; the endpoint stores the admin attribute from user input, allowing immediate access to admin-only rou...

8.3CVSS5.7AI score0.00261EPSS
Exploits0References4
CVE
CVE
added 2026/05/06 6:47 a.m.23 views

CVE-2026-7457

The CVE-2026-7457 entry concerns the WordPress LatePoint plugin (versions up to 5.5.0). The root cause is insufficient input sanitization on the customer cabinet profile update endpoint: raw POST fields (first_name, last_name, phone, notes) bypass sanitization because OsCustomerModel does not ove...

6.4CVSS6AI score0.00339EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/05/06 6:47 a.m.7 views

CVE-2026-7457 LatePoint <= 5.5.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Customer Cabinet Profile Update

The LatePoint plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to and including 5.5.0. This is due to insufficient input sanitization on the customer cabinet profile update endpoint — where raw POST parameters firstname, lastname, phone, notes bypass sanitizati...

6.4CVSS6AI score0.00339EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/06 6:47 a.m.40 views

CVE-2026-7457 LatePoint <= 5.5.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Customer Cabinet Profile Update

The LatePoint plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to and including 5.5.0. This is due to insufficient input sanitization on the customer cabinet profile update endpoint — where raw POST parameters firstname, lastname, phone, notes bypass sanitizati...

6.4CVSS0.00339EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/05/06 6:47 a.m.5 views

CVE-2026-7457

The LatePoint plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to and including 5.5.0. This is due to insufficient input sanitization on the customer cabinet profile update endpoint — where raw POST parameters firstname, lastname, phone, notes bypass sanitizati...

6.4CVSS6AI score0.00339EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.16 views

PT-2026-37353

The LatePoint plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to and including 5.5.0. This is due to insufficient input sanitization on the customer cabinet profile update endpoint — where raw POST parameters first name, last name, phone, notes bypass...

6.4CVSS6AI score0.00339EPSS
Exploits0References12
Cvelist
Cvelist
added 2026/05/02 4:27 a.m.30 views

CVE-2026-7641 Import and export users and customers <= 2.0.8 - Authenticated (Subscriber+) Privilege Escalation via Multisite Capability Meta Fields

The Import and export users and customers plugin for WordPress is vulnerable to Privilege Escalation in all versions up to and including 2.0.8 via the saveextrauserprofilefields function. This is due to an incomplete blocklist that correctly restricts capability meta keys for the primary site e.g...

8.8CVSS0.00665EPSS
Exploits0References14
EUVD
EUVD
added 2026/05/02 4:27 a.m.7 views

EUVD-2026-26740

The Import and export users and customers plugin for WordPress is vulnerable to Privilege Escalation in all versions up to and including 2.0.8 via the saveextrauserprofilefields function. This is due to an incomplete blocklist that correctly restricts capability meta keys for the primary site e.g...

8.8CVSS5.7AI score0.00665EPSS
Exploits0References14
CVE
CVE
added 2026/05/02 4:27 a.m.25 views

CVE-2026-7641

The WordPress plugin Import and export users and customers (versions ≤ 2.0.8) is vulnerable to Privilege Escalation. The root cause is an incomplete blocklist for multisite capability meta keys: primary-site keys (e.g., wp_capabilities, wp_user_level) are blocked, but multisite keys (e.g., wp_2_c...

8.8CVSS5.7AI score0.00665EPSS
Exploits0References14
RedhatCVE
RedhatCVE
added 2026/04/29 2:48 p.m.5 views

CVE-2026-7106

The Highland Software Custom Role Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 1.0.0. This is due to insufficient authorization checks in the hscrmsaveuserroles function, which is hooked to the personaloptionsupdate action accessible by any...

8.8CVSS5.2AI score0.00307EPSS
Exploits0References1
CVE
CVE
added 2026/04/27 2:26 a.m.24 views

CVE-2026-7106

The vulnerability CVE-2026-7106 affects the Highland Software Custom Role Manager plugin for WordPress (versions up to and including 1.0.0). The root cause is insufficient authorization checks in the hscrm_save_user_roles() function, hooked to the personal_options_update action. This action is ac...

8.8CVSS5.2AI score0.00307EPSS
Exploits0References8
Packet Storm News
Packet Storm News
added 2026/04/21 12:0 a.m.7 views

Camaleon CMS 2.9.1 Automated Admin Login, Version Detection, and Profile Update Script

This is a version detection and profile updating script for Camaleon CMS. It does not exploit any issue but can be useful for security testing to see if a vulnerable version is in use...

5.7AI score
Exploits0
NVD
NVD
added 2026/04/07 7:16 a.m.9 views

CVE-2026-5465

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.3. This is due to the UpdateProviderCommandHandler failing to validate changes to the externalId field when a Provider Employe...

8.8CVSS0.00632EPSS
Exploits1References6
CVE
CVE
added 2026/04/07 6:43 a.m.29 views

CVE-2026-5465

Summary (technical): The Amelia Booking for Appointments and Events Calendar WordPress plugin (versions ≤ 2.1.3) is affected by an Insecure Direct Object Reference (IDOR) in the UpdateProviderCommandHandler. The handler does not validate ownership when a Provider (Employee) user updates their pro...

8.8CVSS6AI score0.00632EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/04/07 6:43 a.m.5 views

CVE-2026-5465

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.3. This is due to the UpdateProviderCommandHandler failing to validate changes to the externalId field when a Provider Employe...

8.8CVSS6AI score0.00632EPSS
Exploits1References7
Rows per page
Query Builder