CVE-2026-32461

CVE-2026-32461 concerns the WordPress plugin Really Simple SSL (<= 9.5.7). The connected records describe a Missing Authorization vulnerability in the plugin, enabling access control bypass due to “Incorrectly Configured Access Control Security Levels.” The affected component is the Really Sim...

CVE-2026-32461 WordPress Really Simple SSL plugin <= 9.5.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through = 9.5.7...

CVE-2026-32461

Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through = 9.5.7...

PT-2026-25305

CVE-2026-32461 Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Sim... https://t.co/0dxaonXInG...

EUVD-2022-26903

Malicious code in bioql PyPI...

PT-2025-38978

Name of the Vulnerable Software and Affected Versions ptibogxiv Doliconnect versions through 9.5.7 Description A Cross-Site Request Forgery CSRF issue exists in ptibogxiv Doliconnect, which also allows Stored Cross-Site Scripting XSS. This allows an attacker to potentially perform actions on beha...

PT-2024-29128 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.5.x through 9.5.7 Mattermost versions 9.10.x through 9.10.0 Description: The issue is related to improper permission enforcement, allowing a team admin user without the "Add Team Members" permission to disable the invite...

Security fix for the ALT Linux 9 package glpi version 9.5.7-alt1

9.5.7-alt1 built March 21, 2022 Pavel Zilke in task 296878 Jan. 27, 2022 Pavel Zilke - New version 9.5.7 - This is a security release, upgrading is recommended - Security fixes: + CVE-2022-21720 : SQL injection using custom CSS administration form + CVE-2022-21719 : Reflected XSS using reload but...

Security fix for the ALT Linux 10 package glpi version 9.5.7-alt1

9.5.7-alt1 built March 18, 2022 Pavel Zilke in task 296717 Jan. 27, 2022 Pavel Zilke - New version 9.5.7 - This is a security release, upgrading is recommended - Security fixes: + CVE-2022-21720 : SQL injection using custom CSS administration form + CVE-2022-21719 : Reflected XSS using reload but...

UBUNTU-CVE-2022-21720

GLPI is a free asset and IT management software package. Prior to version 9.5.7, an entity administrator is capable of retrieving normally inaccessible data via SQL injection. Version 9.5.7 contains a patch for this issue. As a workaround, disabling the Entities update right prevents exploitation...

Sql injection

GLPI is a free asset and IT management software package. Prior to version 9.5.7, an entity administrator is capable of retrieving normally inaccessible data via SQL injection. Version 9.5.7 contains a patch for this issue. As a workaround, disabling the Entities update right prevents exploitation...

CVE-2022-21720 SQL injection using custom CSS administration form in GLPI

GLPI is a free asset and IT management software package. Prior to version 9.5.7, an entity administrator is capable of retrieving normally inaccessible data via SQL injection. Version 9.5.7 contains a patch for this issue. As a workaround, disabling the Entities update right prevents exploitation...

CVE-2022-21719

GLPI is a free asset and IT management software package. All GLPI versions prior to 9.5.7 are vulnerable to reflected cross-site scripting. Version 9.5.7 contains a patch for this issue. There are no known workarounds...

UBUNTU-CVE-2022-21719

GLPI is a free asset and IT management software package. All GLPI versions prior to 9.5.7 are vulnerable to reflected cross-site scripting. Version 9.5.7 contains a patch for this issue. There are no known workarounds...

TYPO3 8.5.x <= 8.7.26 and 9.x.x <= 9.5.7 Security Misconfiguration Vulnerability

TYPO3 CMS is susceptible to a security misconfiguration vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...