CVE-2026-1796

The StyleBidet plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...

CVE-2026-1796

The CVE-2026-1796 entry concerns the StyleBidet WordPress plugin. Affected software: StyleBidet plugin for WordPress (versions up to 1.0.0). Issue: Reflected Cross-Site Scripting via the URL path caused by insufficient input sanitization and output escaping. Impact: unauthenticated attackers can ...

CVE-2026-1754

The personal-authors-category plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

CVE-2026-1754 personal-authors-category <= 0.3 - Reflected Cross-Site Scripting

The personal-authors-category plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

PT-2026-8077

The StyleBidet plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...

PT-2026-8075

The Geo Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL path in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

PT-2026-8050

The personal-authors-category plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

PT-2026-8076

The Address Bar Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL Path in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

File Browser has a Path-Based Access Control Bypass via Multiple Leading Slashes in URL

Summary An authenticated user can bypass the application's "Disallow" file path rules by modifying the request URL. By adding multiple slashes e.g., //private/ to the path, the authorization check fails to match the rule, while the underlying filesystem resolves the path correctly, granting...

CVE-2026-0919

The HTTP parser of Tapo C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can force...

Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

Summary A critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no enforcement that the request is limited to the policy’s namespace. As a result, any authenticated user with...

GHSA-8P9X-46GM-QFX2 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

Summary A critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no enforcement that the request is limited to the policy’s namespace. As a result, any authenticated user with...

EUVD-2026-4791

The HTTP parser of Tapo C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can force...

PT-2026-3493

Name of the Vulnerable Software and Affected Versions IsMyGym versions affected versions not specified Description A Reflected Cross-Site Scripting XSS issue exists in IsMyGym by Zuinq Studio. This allows an attacker to execute JavaScript code in a user's browser by sending a malicious URL...

GHSA-V897-PV23-R8CW Keycloak has an improper input validation vulnerability

A flaw was found in Keycloak. This improper input validation vulnerability occurs because Keycloak accepts RFC-compliant matrix parameters in URL path segments, while common reverse proxy configurations may ignore or mishandle them. A remote attacker can craft requests to mask path segments,...

CVE-2018-12298

Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's container via a URL path...

curl: Denial of Service (DoS) vulnerability in dedotdotify() URL path normalization

Summary A Denial of Service DoS vulnerability exists in the dedotdotify function in lib/urlapi.c that can cause excessive CPU consumption due to On² time complexity when processing URLs with malicious path patterns containing many ../ sequences. Affected Component - Component: libcurl URL API -...

CVE-2025-13377

The 10Web Booster – Website speed optimization, Cache & Page Speed optimizer plugin for WordPress is vulnerable to arbitrary folder deletion due to insufficient file path validation in the getcachedirforpagefromurl function in all versions up to, and including, 2.32.7. This makes it possible for...

EUVD-2025-37503

IdentityIQ 8.5, IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p4, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p6, and all prior versions allows some IdentityIQ web services that provide non-HTML content to be accessed via a URL path that will set the Content-Type to HTML allowing a...

CVE-2025-53533 Pi-hole Admin Interface vulnerable to cross-site scripting via malformed URL path on 404 error page

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions 6.2.1 and earlier are vulnerable to reflected cross-site scripting XSS via a malformed URL path. The 404 error page includes t...