CVE-2026-42613

Grav’s Login plugin vulnerability CVE-2026-42613 arises from missing server-side validation of attacker-controlled groups and access fields in the registration flow. Prior to 2.0.0-beta.2, if registration is enabled and groups or access are allowed in the configured fields, an unauthenticated use...

EUVD-2026-9796

The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the rcpsetupregistrationinit function accepting any membership level ID via the rcplevel POST parameter without validating that the leve...

WordPress plugin Listee 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin Tutor LMS – eLearning and online course solution 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

Linux Distros Unpatched Vulnerability : CVE-2022-50117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some...

SUSE CVE-2022-50117

In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op e.g. setstate/getstate and accordingly calls its op. However, currently mlx5 driver sets the above ops without regards to i...

DEBIAN-CVE-2022-50117

In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op e.g. setstate/getstate and accordingly calls its op. However, currently mlx5 driver sets the above ops without regards to i...

WordPress WP Foodbakery plugin <= 4.7 - Unauthenticated Privilege Escalation in foodbakery_registration_validation vulnerability

Unauthenticated Privilege Escalation in foodbakeryregistrationvalidation vulnerability discovered by Tonn in WordPress Plugin FoodBakery versions = 4.7...

kernel: vfio: Split migration ops from main device ops

In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op e.g. setstate/getstate and accordingly calls its op. However, currently mlx5 driver sets the above ops without regards to i...

CVE-2023-29513 Users can be created even when registration is disabled without validation via the template macro in xwiki-platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. If guest has view right on any document. It's possible to create a new user using the distribution/firstadminuser.wiki in the wrong context. This vulnerability has been patched in XWiki...

deluxebb <= 1.3 - Multiple Vulnerabilities

No description provided by source. Author: cp77fk4r | Empty0pagEShift+2gmail.comhttp://gmail.com Vendor: http://www.deluxebb.com Directory Listing http://server/templates/ http://server/images/ http://server/logs/ http://server/wysiwyg/ http://server/docs/ http://server/classes http://server/lang...

Authentication flaw

Advanced Productivity Software DTE Axiom before 12.3.3 does not validate the registration ID, which allows remote attackers to bypass authentication and read or modify data about users, customers, and projects via unspecified vectors...

DeluxeBB 1.3 - Multiple Vulnerabilities

DeluxeBB 1.3 - Multiple Vulnerabilities Author: cp77fk4r | Empty0pagEShift+2gmail.com Vendor: http://www.deluxebb.com Directory Listing http://server/templates/ http://server/images/ http://server/logs/ http://server/wysiwyg/ http://server/docs/ http://server/classes http://server/lang...