3 matches found
CVE-2026-4664
CVE-2026-4664 affects the WordPress plugin “Customer Reviews for WooCommerce” up to version 5.103.0. The vulnerability is an unauthenticated authentication bypass in create_review_permissions_check(), which compares the user-supplied key against the order’s ivole_secret_key meta using strict equa...
PT-2022-24825 · Pypi · Python-Jwt
Name of the Vulnerable Software and Affected Versions: python-jwt versions prior to 3.3.4 Description: The issue allows an attacker who obtains a JSON Web Token JWT to arbitrarily forge its contents without knowing the secret key. This may enable the attacker to spoof other users' identities,...
cups: authorization bypass when using "local" authorization
An authorization vulnerability was found in the CUPS printing system. This security vulnerability occurs when local authorization happens. This flaw allows an attacker to authenticate to CUPS as root/admin without the 32-byte secret key and perform arbitrary code execution...