CVE-2026-8383

The LearnPress WordPress plugin before 4.3.7 does not gate the edit context on one of its REST endpoint behind the editusers capability, allowing unauthenticated visitors to retrieve each returned user's roles, full capabilities map, extra capabilities, locale, and registration date via a crafted...

CVE-2026-8383

The LearnPress WordPress plugin before 4.3.7 does not gate the edit context on one of its REST endpoint behind the editusers capability, allowing unauthenticated visitors to retrieve each returned user's roles, full capabilities map, extra capabilities, locale, and registration date via a crafted...

CVE-2026-8383 LearnPress < 4.3.7 - Unauthenticated Sensitive User Information Disclosure via REST API

The LearnPress WordPress plugin before 4.3.7 does not gate the edit context on one of its REST endpoint behind the editusers capability, allowing unauthenticated visitors to retrieve each returned user's roles, full capabilities map, extra capabilities, locale, and registration date via a crafted...

CVE-2025-4056

creationtimestamp| type| source ---|---|--- 2025-07-28 15:40:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3luzwj5k2io2q 2026-01-08 05:04:36+00:00| seen| Telegram/WxrxB6nrBwZwliVPEyx9PqLlLqeacusuGOqkaC87KoVWLg0 2026-02-02 14:20:51+00:00| seen|...

CVE-2025-49578 Citizen allows stored XSS in user registration date message

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by Language::userDate are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the...

CVE-2025-4315

creationtimestamp| type| source ---|---|--- 2025-06-11 10:35:09+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18064 2025-06-11 11:03:08+00:00| seen| Telegram/NGz98OHuB76pMx88tOKfrQtc8XVIqKfHlr0e5BI3wIw-X8 2025-06-11 11:03:35+00:00| seen| Telegram/buh-ut9DiubPByy1siFNTwRZbQngXllC1XVuRrrneGPkx...

CVE-2024-46538

creationtimestamp| type| source ---|---|--- 2024-10-22 20:28:40+00:00| seen| https://t.me/cvedetector/8638 2024-10-23 16:22:43+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8817 2024-10-23 17:44:48+00:00| published-proof-of-concept| https://t.me/proxybar/2323 2024-10-23...

Transport Management System 1.0 Arbitrary File Upload

============================================================================================================================================= | Title : Transport Management System 1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...