CVE-2026-47266

Formie is a Craft CMS plugin for creating forms. Prior to 2.2.21 and 3.1.26, unauthenticated users could modify existing submissions by posting a known or guessed submission ID to formie/submissions/save-submission. This vulnerability is fixed in 2.2.21 and 3.1.26...

PT-2026-44977

Name of the Vulnerable Software and Affected Versions Formie versions prior to 2.2.21 Formie versions prior to 3.1.26 Description Unauthenticated users can modify existing submissions by sending a known or guessed submission ID to the 'formie/submissions/save-submission' endpoint. Recommendations...

CVE-2026-24562

Missing Authorization vulnerability in Ryviu Ryviu - Product Reviews for WooCommerce ryviu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ryviu - Product Reviews for WooCommerce: from n/a through = 3.1.26...

CVE-2026-24562

Missing Authorization vulnerability in Ryviu Ryviu – Product Reviews for WooCommerce ryviu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ryviu – Product Reviews for WooCommerce: from n/a through = 3.1.26...

PT-2026-4404

Name of the Vulnerable Software and Affected Versions Ryviu – Product Reviews for WooCommerce versions through 3.1.26 Description Ryviu – Product Reviews for WooCommerce contains a flaw related to incorrectly configured access control security levels, potentially allowing unauthorized access...

WordPress Ryviu – Product Reviews for WooCommerce plugin <= 3.1.26 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Ryviu Product Reviews for WooCommerce versions = 3.1.26...

PT-2025-7609 · Full · Full

Name of the Vulnerable Software and Affected Versions: FULL Customer versions 3.1.26 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' or PHP Local File Inclusion vulnerability...

WordPress plugin FULL Customer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress FULL – Cliente plugin <= 3.1.26 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin FULL Customer versions = 3.1.26...

CVE-2023-6964

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.26 via the 'kadenceimportgetnewconnectiondata' AJAX action. This makes it possible for authenticated attackers, with...

Security Updates for Microsoft .NET core (June 2022)

An information disclosure vulnerability exists in .NET core 6.0 6.0.6 and .NET Core 3.1 3.1.26. An unauthenticated, local attacker can exploit this, to disclose potentially sensitive information. Note that Nessus has not tested for this issue but has instead relied only on the application's...