6 matches found
EUVD-2026-26782
The Paid Memberships Pro plugin for WordPress is vulnerable to unauthorized modification and disruption of Stripe webhook configuration in all versions up to, and including, 3.6.5. This is due to missing capability checks on the wpajaxpmprostripecreatewebhook, wpajaxpmprostripedeletewebhook, and...
CVE-2026-32011
OpenClaw versions prior to 2026.3.2 contain a denial of service vulnerability in webhook handlers for BlueBubbles and Google Chat that parse request bodies before performing authentication and signature validation. Unauthenticated attackers can exploit this by sending slow or oversized request...
CVE-2026-32011
OpenClaw versions prior to 2026.3.2 contain a denial of service vulnerability in webhook handlers for BlueBubbles and Google Chat that parse request bodies before performing authentication and signature validation. Unauthenticated attackers can exploit this by sending slow or oversized request...
CVE-2026-32011
OpenClaw versions prior to 2026.3.2 contain a denial of service vulnerability in webhook handlers for BlueBubbles and Google Chat that parse request bodies before performing authentication and signature validation. Unauthenticated attackers can exploit this by sending slow or oversized request...
PT-2026-26393
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.2 Description OpenClaw contains a denial of service issue in webhook handlers for BlueBubbles and Google Chat. These handlers parse request bodies before authentication and signature validation. Unauthenticate...
PT-2026-23553
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.13 clawdbot versions prior to 2026.1.24-3 Description The software contains a denial of service issue in webhook handlers due to insufficient limits on request body size and processing time. Remote,...