Lucene search
+L

154 matches found

Nuclei
Nuclei
added yesterday66 views

WordPress FluentForms <= 5.1.16 - Broken Access Control

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wp-json/fluentform/v1/global-settings REST API endpoint in all versions up to, and including,...

7.5CVSS5.3AI score0.0123EPSS
Exploits0References4
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-56679 9Router: Mass assignment in PATCH /api/settings allows authenticated authorization downgrade

9Router is an AI router & token saver. Prior to 0.5.4, the PATCH /api/settings endpoint writes the entire request body to persistent settings without a field whitelist, allowing an authenticated user to set security-critical fields such as requireLogin and disable authentication for the whole...

8.7CVSS0.00324EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/08 1:48 p.m.6 views

CVE-2026-56283

Capgo before 12.128.2 contains an html injection vulnerability in the organization settings endpoint that allows attackers to inject malicious HTML content. Attackers can craft payloads in the organization name field to redirect users to untrusted websites, enabling phishing attacks and...

5.4CVSS6AI score0.00138EPSS
Exploits0References3
NVD
NVD
added 2026/07/07 9:17 p.m.23 views

CVE-2026-58473

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all L...

9.3CVSS0.00372EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/07 8:34 p.m.34 views

CVE-2026-58473 Cognee < 1.2.0 Unauthorized LLM Configuration Overwrite via /api/v1/settings

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all L...

9.3CVSS0.00372EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/07 8:34 p.m.6 views

CVE-2026-58473

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all L...

9.3CVSS6AI score0.00372EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/07 8:34 p.m.6 views

EUVD-2026-42095

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all L...

9.3CVSS6AI score0.00372EPSS
Exploits0References4
CVE
CVE
added 2026/07/07 8:34 p.m.18 views

CVE-2026-58473

CVE-2026-58473 (Cognee) vulnerability affects Cognee prior to 1.2.0. An improper access-control flaw allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which lacks admin/superuser checks. This enabl...

9.3CVSS6AI score0.00372EPSS
Exploits0References4
OSV
OSV
added 2026/07/07 8:34 p.m.6 views

CVE-2026-58473 Cognee < 1.2.0 Unauthorized LLM Configuration Overwrite via /api/v1/settings

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all L...

9.3CVSS6AI score0.00372EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/07/07 8:34 p.m.6 views

CVE-2026-58473 Cognee < 1.2.0 Unauthorized LLM Configuration Overwrite via /api/v1/settings

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all L...

9.3CVSS6AI score0.00372EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.6 views

PT-2026-56255

Name of the Vulnerable Software and Affected Versions Cognee versions prior to 1.2.0 Description Improper access control allows unauthenticated attackers to overwrite the global LLM provider configuration. By self-registering an account and calling the '/api/v1/settings' endpoint, which lacks adm...

9.3CVSS6.1AI score0.00372EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/26 7:54 p.m.9 views

EUVD-2026-39862

Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...

8.8CVSS6.7AI score0.0134EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.27 views

PT-2026-52898

Name of the Vulnerable Software and Affected Versions Cudy LT300 3.0 versions prior to 2.5.12 Description Authenticated attackers can execute arbitrary commands on the underlying system by injecting shell metacharacters into the cbid.system.ntp.current POST parameter within the system time...

8.8CVSS6.6AI score0.0134EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/11 7:4 p.m.13 views

EUVD-2026-36306

Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the setpassword parameter to the settings API endpoint without any network origin restriction. Attackers on any reachable netwo...

9.4CVSS5.7AI score0.00543EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/11 7:4 p.m.9 views

CVE-2026-49973 Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings

Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the setpassword parameter to the settings API endpoint without any network origin restriction. Attackers on any reachable netwo...

9.4CVSS5.5AI score0.00543EPSS
Exploits0References5
OSV
OSV
added 2026/06/11 7:4 p.m.3 views

CVE-2026-49973 Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings

Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the setpassword parameter to the settings API endpoint without any network origin restriction. Attackers on any reachable netwo...

9.2CVSS6.2AI score0.00543EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.18 views

PT-2026-48730

Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.358 Description Improper access control allows unauthenticated remote attackers to hijack the initial setup process. By sending a POST request to the settings API endpoint without network origin restrictions...

9.4CVSS5.5AI score0.00543EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/06/10 8:59 a.m.14 views

CVE-2026-8499

The Helpfulcrowd Product Reviews plugin for WordPress is vulnerable to Authorization Bypass via PHP Type Juggling in versions up to, and including, 1.2.9. This is due to the helpfulcrowdvalidatetoken function using a loose comparison operator != instead of a strict comparison !== when validating...

5.3CVSS5.6AI score0.00273EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 3:41 a.m.12 views

CVE-2026-8499 Helpfulcrowd Product Reviews <= 1.2.9 - Inccorect Authorization via Type Juggling in 'token' Parameter to Arbitrary Settings Update

The Helpfulcrowd Product Reviews plugin for WordPress is vulnerable to Authorization Bypass via PHP Type Juggling in versions up to, and including, 1.2.9. This is due to the helpfulcrowdvalidatetoken function using a loose comparison operator != instead of a strict comparison !== when validating...

5.3CVSS5.6AI score0.00273EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.20 views

PT-2026-47672

Name of the Vulnerable Software and Affected Versions Helpfulcrowd Product Reviews versions prior to 1.3.0 Description The Helpfulcrowd Product Reviews plugin for WordPress allows unauthenticated authorization bypass due to PHP Type Juggling. This occurs because the helpfulcrowd validate token...

5.3CVSS5.5AI score0.00273EPSS
Exploits0References7
Rows per page
Query Builder