PT-2026-23831

Name of the Vulnerable Software and Affected Versions Checkmate versions prior to 3.4.0 Description An unauthenticated information disclosure issue exists in the GET /api/v1/status-page/:url endpoint. The endpoint does not enforce authentication or verify if a status page is published before...

DRUPAL-CONTRIB-2026-006

This Drupal Canvas module is a new visual page builder for Drupal. You can create reusable components that match your design system, drag them onto a page, edit content in place, preview changes across multiple pages, and undo mistakes with ease. The module doesn't sufficiently validate access to...

PT-2026-5242

Name of the Vulnerable Software and Affected Versions Drupal Canvas versions prior to 1.0.4 Description The Drupal Canvas module has an authorization issue that allows forceful browsing of Canvas Pages when they are unpublished. The module does not adequately validate access to Canvas Pages,...

Mautic's Predictable Page Indexing Might Lead to Sensitive Data Exposure

Summary This advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information. Unauthorized Access to...

WordPress plugin Jetpack Carousel module of the JetPack 安全漏洞

WordPress is a blogging platform developed by the WordPress Wordpress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. redirection is a redirection management plugin used in it. jetpack is a WordPress website security management tool used in i...