3639 matches found
WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting
WordPress Accessibility Helper plugin before 0.6.0.7 contains a cross-site scripting vulnerability. It does not sanitize and escape the wahi parameter before outputting back its base64 decode value in the page. id: CVE-2022-0150 info: name: WordPress Accessibility Helper 0.6.0.7 - Cross-Site...
Linux Distros Unpatched Vulnerability : CVE-2026-13806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer...
DEBIAN-CVE-2026-13806
Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13806
Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13806
Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13806
CVE-2026-13806 affects Google Chrome on desktop. The vulnerability arises from insufficient validation of untrusted input in Accessibility, allowing a renderer process compromise to bypass site isolation via a crafted HTML page. Affected versions are prior to 150.0.7871.47. The Chrome stable chan...
CVE-2026-13806
Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
PT-2026-54083
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the Accessibility component allows a remote attacker who has already compromised the renderer process to bypass site isolation. This is...
CVE-2026-12009
The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Accessibility. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517332006...
CVE-2026-9199
The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...
CVE-2026-9199 Equalize Digital Accessibility Checker <= 1.42.1 - Missing Authorization to Authenticated (Author+) Arbitrary Accessibility Issue Modification via 'largeBatch' Parameter
The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...
CVE-2026-9199
The CVE-2026-9199 entry concerns the WordPress plugin Equalize Digital Accessibility Checker (WCAG/ADA/EAA/Section 508) up to version 1.42.1. The root cause is missing authorization verification, allowing authenticated users with author-level access and above to modify accessibility issue records...
EUVD-2026-37837
The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...
WordPress Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin <= 1.42.1 - Missing Authorization to Authenticated (Author+) Arbitrary Accessibility Issue Modification vulnerability
Missing Authorization to Authenticated Author+ Arbitrary Accessibility Issue Modification vulnerability discovered by g0wthr in WordPress Plugin Accessibility Checker by Equalize Digital versions = 1.42.1...
firefox: Sandbox escape due to use-after-free in the Disability Access APIs component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...
Chromium: CVE-2026-12009 Insufficient validation of untrusted input Accessibility
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
SUSE CVE-2026-12009
Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
DEBIAN-CVE-2026-12009
Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-12009
Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-12009
Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...