3 matches found
@grupo-loja/vendure-banner-plugin (=1.0.0), @grupo-loja/vendure-conect-envios-plugin (>=1.0.0 <=1.0.1) +54 more potentially affected by CVE-2026-40887 via @vendure/core (>=1.9.5 <=2.2.7)
@vendure/core NPM version =1.9.5, =1.0.0, =0.0.1, =1.0.3, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1, =2.0.0, =2.0.0, =2.2.4 and more Source cves: CVE-2026-40887 Source advisory: SNYK:JS-VENDURECORE-16068909...
CVE-2026-39528
Missing Authorization vulnerability in WP Delicious WP Delicious delicious-recipes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delicious: from n/a through = 1.9.5...
WordPress Curator.io plugin <= 1.9.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Curator.io versions = 1.9.5...