267 matches found
WordPress Restrict User Access <= 2.5 - Cross-Site Scripting
WordPress Restrict User Access – Membership Plugin with Force versions before 2.6 is vulnerable to Reflected Cross-Site Scripting via the 'ruasection' parameter in the admin level edit page. id: CVE-2024-29138 info: name: WordPress Restrict User Access = 2.5 - Cross-Site Scripting author: Shivam...
CVE-2026-43978
wger is a free, open-source workout and fitness manager. In versions prior to 2.6, a gym trainer can escalate their session to any higher-privileged account gym manager, general manager by chaining two calls to the trainer-login endpoint. Once a trainer performs a legitimate switch into a...
CVE-2026-46687
Emlog is an open source website building system. In 2.6.13 and earlier, the article publishing interface stores a path-traversal template parameter from apicontroller.php without validation, and logcontroller.php later checks fileexists and calls include View::getView$template, allowing an...
CVE-2026-55668
The CVE affects File Browser’s ScopedFs component prior to version 2.63.16. An authenticated user with Create and Modify permissions can trigger ScopedFs to validate the nearest existing ancestor of a dangling symlink and then follow the symlink during file creation, allowing attacker‑controlled ...
PT-2026-55863
Name of the Vulnerable Software and Affected Versions Notifications for Forms & WordPress Actions versions prior to 2.6 Description Authenticated users with subscriber-level access and above can include and execute arbitrary local PHP files on the server. This occurs because the plugin fails to...
CVE-2026-57357
Unauthenticated Cross Site Scripting XSS in Search Atlas SEO = 2.6.6 versions...
CVE-2026-57357
Unauthenticated Cross Site Scripting XSS in Search Atlas SEO = 2.6.6 versions...
CVE-2026-56069
This CVE concerns the WordPress Toolset Forms plugin (versions up to 2.6.24). The issue is an Unauthenticated Insecure Direct Object Reference (IDOR) in Toolset Forms, allowing access to objects without authentication. The CVSS 3.1 vector indicates network attack, low attack complexity, no privil...
CVE-2026-49286
PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, pontedilana/php-weasyprint guarded the output filename against the phar:// stream wrapper with a case-sensitive blacklist. PHP stream wrappers are case-insensitive, so PHAR://, Phar://, etc...
CVE-2026-50590
Mimecast Incydr vulnerability CVE-2026-50590 affects versions before 2.6.0, enabling arbitrary file access. The provided documents do not specify the underlying root cause, affected components, or a remediation. No exploitation details are given. Action: monitor for updates and vendor advisories ...
Unity Linux 20.1070e Security Update: xmlgraphics-commons (UTSA-2026-016739)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016739 advisory. Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...
CVE-2026-44369
CVAT (open source annotation tool) is affected by CVE-2026-44369: from versions 2.5.0 through 2.63.0, an attacker who can create or edit an annotation guide on a task can inject malicious JavaScript that runs in the browser of anyone viewing that guide. The injected code can perform arbitrary req...
CVE-2026-43948 wger: cross-tenant password reset and plaintext disclosure via gym=None bypass
wger is a free, open-source workout and fitness manager. Prior to 2.6, the resetuserpassword and gympermissionsuseredit views in wger perform a gym-scope authorization check using Python object comparison != that evaluates None != None as False, silently bypassing the guard when both the attacker...
CVE-2026-43983 Pocket ID: OIDC refresh token flow bypasses authorization revocation, account disabling, and group restrictions
Pocket ID is an OIDC provider that allows users to authenticate with their passkeys to your services. Prior to 2.6.0, The createTokenFromRefreshToken function oidcservice.go validates the refresh token's cryptographic integrity but does not re-validate the user's current authorization state befor...
Pytorch-Lightning 安全漏洞
PyTorch-Lightning is an open-source lightweight PyTorch wrapper developed by Lightning AI in the United States. It is used for high-performance AI research. Versions of PyTorch-Lightning prior to 2.6.0 contain security vulnerabilities. These vulnerabilities stem from the...
CVE-2026-42874 Microdot: HTTP response splitting in Response.set_cookie()
Microdot is a minimalistic Python web framework. Prior to 2.6.1, the Response.setcookie method does not sanitize its string arguments, and in particular will not detect the presence of the \r\n sequence in them. This can be a potential source of header injection attacks. For a header injection...
CVE-2026-42874 Microdot: HTTP response splitting in Response.set_cookie()
Microdot is a minimalistic Python web framework. Prior to 2.6.1, the Response.setcookie method does not sanitize its string arguments, and in particular will not detect the presence of the \r\n sequence in them. This can be a potential source of header injection attacks. For a header injection...
360solutions-bc-mcp (=0.5.3), advanced-yaml (>=0.3.4 <=0.4.3) +295 more potentially affected by CVE-2026-44432 via urllib3 (>=2.6.0 <=2.6.3)
urllib3 PYPI version =2.6.0, =0.3.4, =0.1.0, =0.5.0, =0.24.2, =0.5.0, =1.0.5, =26.1.0, =26.5.0b1, =0.45.0, =0.2.6, =0.5.1, =1.6.6.8 and more Source cves: CVE-2026-44432 Source advisory: OSV:GHSA-MF9V-MFXR-J63J...
CVE-2026-36340
An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...
EUVD-2026-25377
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 8.2.6.4 have a SQL injection vulnerability in the haproxysectionsave function in app/routes/config/routes.py. The serverip parameter, sourced from the URL path, is passed unsanitized through...