CVE-2026-32530

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through = 1.1.18...

EUVD-2026-15899

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through = 1.1.18...

CVE-2026-32530 WordPress Creator LMS plugin <= 1.1.18 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through = 1.1.18...

CVE-2026-32530

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through = 1.1.18...

CVE-2026-32530 WordPress Creator LMS plugin <= 1.1.18 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through = 1.1.18...

CVE-2026-32530

CVE-2026-32530 is an authenticated privilege-escalation vulnerability in Creator LMS (WordPress plugin) that affects versions from initial through 1.1.18. The issue is described as an incorrect privilege assignment that allows a contributor+ user to escalate privileges. CIRCL/CVE data confirms th...

PT-2026-28044

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through = 1.1.18...

WordPress Creator LMS plugin <= 1.1.18 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by daroo in WordPress Plugin Creator LMS versions = 1.1.18...

OpenFlagr contains an authentication bypass vulnerability in the HTTP middleware

OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware. Due to improper handling of path normalization in the whitelist logic, crafted requests can bypass authentication and access protected API endpoints without valid credentials...

GHSA-RWP9-5G7Q-73Q3 OpenFlagr contains an authentication bypass vulnerability in the HTTP middleware

OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware. Due to improper handling of path normalization in the whitelist logic, crafted requests can bypass authentication and access protected API endpoints without valid credentials...

flagr 安全漏洞

flagr is a monitoring service from openflagr open source. A security vulnerability exists in flagr version 1.1.18 and earlier, which stems from improper path normalization of the whitelisting logic in the HTTP middleware, which could lead to authentication bypass...

WordPress PDF Catalog for WooCommerce plugin <= 1.1.18 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by kr0d in WordPress Plugin PDF Catalog for WooCommerce versions = 1.1.18...

CVE-2025-12191

The CVE CVE-2025-12191 concerns the WordPress plugin PDF Catalog for WooCommerce. It is vulnerable to Stored Cross-Site Scripting via the pdfcatalog AJAX action in all versions up to and including 1.1.18, due to insufficient input sanitization and output escaping. Attack requires Subscriber-level...

CVE-2025-12191 PDF Catalog for WooCommerce <= 1.1.18 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The PDF Catalog for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pdfcatalog' AJAX action in all versions up to, and including, 1.1.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress plugin PDF Catalog for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

EUVD-2018-17428

Malware in sbrugna...

EUVD-2020-15892

Malware in sbrugna...

WordPress plugin Hydra Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-30543

Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18...

CVE-2025-22499 WordPress F4 Post Tree Plugin <= 1.1.18 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FAKTOR VIER F4 Post Tree f4-tree allows Reflected XSS.This issue affects F4 Post Tree: from n/a through = 1.1.18...