6 matches found
PT-2026-40268
WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...
CVE-2026-32447
The CVE concerns the WordPress Atarim plugin (atarim-visual-collaboration) with versions up to and including 4.3.2. The issue is a Missing Authorization vulnerability caused by incorrectly configured access control security levels, enabling unauthorized exposure or actions. Affected scope: Atarim...
CVE-2026-27327
Missing Authorization vulnerability in YayCommerce YayMail – WooCommerce Email Customizer yaymail allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayMail – WooCommerce Email Customizer: from n/a through = 4.3.2...
PT-2026-20294
The YayMail – WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized license key deletion due to a missing authorization check on the /yaymail-license/v1/license/delete REST endpoint in versions up to, and including, 4.3.2. This makes it possible for authenticated...
WordPress plugin Edwiser Bridge has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CVE-2025-31116
Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The mitigation for CVE-2024-29190 in validhost uses socket.gethostbyname, which is vulnerable to SSRF abuse using DNS rebinding technique. This...