
8 matches found

NVD
added 2026/03/11 6:17 a.m., 6 views

CVE-2026-1753

The Gutena Forms WordPress plugin before 1.6.1 does not validate option to be updated, which could allow contributors and above role to update arbitrary boolean and array options such as users_can_register...

CVSS: 6.8, EPSS: 0.00197
Exploits: 0, References: 1

Vulnrichment
added 2026/03/11 6:0 a.m., 3 views

CVE-2026-1753 Gutena Forms < 1.6.1 - Contributor+ Arbitrary Limited Options Update

The Gutena Forms WordPress plugin before 1.6.1 does not validate option to be updated, which could allow contributors and above role to update arbitrary boolean and array options such as users_can_register...

AI score: 5.8, EPSS: 0.00197
Exploits: 0, References: 1

Cvelist
added 2026/03/11 6:0 a.m., 27 views

CVE-2026-1753 Gutena Forms < 1.6.1 - Contributor+ Arbitrary Limited Options Update

The Gutena Forms WordPress plugin before 1.6.1 does not validate option to be updated, which could allow contributors and above role to update arbitrary boolean and array options such as users_can_register...

EPSS: 0.00197
Exploits: 0, References: 1

EUVD
added 2026/03/11 6:0 a.m., 5 views

EUVD-2026-11084

The Gutena Forms WordPress plugin before 1.6.1 does not validate option to be updated, which could allow contributors and above role to update arbitrary boolean and array options such as users_can_register...

AI score: 5.8, EPSS: 0.00197
Exploits: 0, References: 1

CVE
added 2026/03/11 6:0 a.m., 11 views

CVE-2026-1753

Gutena Forms WordPress plugin is vulnerable before version 1.6.1 due to missing validation when updating options. This can let contributors and higher roles modify arbitrary boolean/array options (e.g., users_can_register). Upgrade to 1.6.1 or later to remediate.

CVSS: 6.8, AI score: 5.8, EPSS: 0.00197
Exploits: 0, References: 1

EUVD
added 2025/12/03 12:29 p.m., 8 views

EUVD-2025-200979

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthorized modification of arbitrary WordPress options in all versions up to, and including, 3.28.20. This is due to insufficient capability checks and input validation in the ActionOptions::run save handler. This makes it...

CVSS: 9.8, AI score: 5.5, EPSS: 0.00447
Exploits: 2, References: 3

OSV
added 2025/04/26 6:15 a.m., 5 views

CVE-2025-2907

The Order Delivery Date WordPress plugin before 12.3.1 does not have authorization and CSRF checks when importing settings. Furthermore it also lacks proper checks to only update options relevant to the Order Delivery Date WordPress plugin before 12.3.1. This leads to attackers being able to modi...

CVSS: 9.8, AI score: 5.6, EPSS: 0.01286
Exploits: 2, References: 1

NVD
added 2024/01/08 7:15 p.m., 12 views

CVE-2023-5235

The Ovic Responsive WPBakery WordPress plugin before 1.2.9 does not limit which options can be updated via some of its AJAX actions, which may allow attackers with a subscriber+ account to update blog options, such as 'users_can_register' and 'default_role'. It also unserializes user input in the...

CVSS: 8.8, AI score: 8.8, EPSS: 0.0056
Exploits: 1, References: 1