WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting

WordPress Accessibility Helper plugin before 0.6.0.7 contains a cross-site scripting vulnerability. It does not sanitize and escape the wahi parameter before outputting back its base64 decode value in the page. id: CVE-2022-0150 info: name: WordPress Accessibility Helper 0.6.0.7 - Cross-Site...

CVE-2026-12009

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Accessibility. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517332006...

CVE-2026-9199

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

EUVD-2026-37837

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

CVE-2026-9199 Equalize Digital Accessibility Checker <= 1.42.1 - Missing Authorization to Authenticated (Author+) Arbitrary Accessibility Issue Modification via 'largeBatch' Parameter

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

CVE-2026-9199

The CVE-2026-9199 entry concerns the WordPress plugin Equalize Digital Accessibility Checker (WCAG/ADA/EAA/Section 508) up to version 1.42.1. The root cause is missing authorization verification, allowing authenticated users with author-level access and above to modify accessibility issue records...

WordPress Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin <= 1.42.1 - Missing Authorization to Authenticated (Author+) Arbitrary Accessibility Issue Modification vulnerability

Missing Authorization to Authenticated Author+ Arbitrary Accessibility Issue Modification vulnerability discovered by g0wthr in WordPress Plugin Accessibility Checker by Equalize Digital versions = 1.42.1...

firefox: Sandbox escape due to use-after-free in the Disability Access APIs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...

Chromium: CVE-2026-12009 Insufficient validation of untrusted input  Accessibility

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE CVE-2026-12009

Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

DEBIAN-CVE-2026-12009

Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12009

Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12009

Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12009

Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12009

Affected software: Google Chrome on macOS. Vulnerability: Insufficient validation of untrusted input in Accessibility could allow a renderer-compromised attacker to escape the sandbox via a crafted HTML page. Root cause: input validation weakness in Accessibility feature. Impact: potential sandbo...

CVE-2026-12009

Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient trusted input validation in the Accessibility section. It could allow remote attacke...

chromium -- security fixes

Chrome Releases reports: This update includes 28 security fixes: 516731749 Critical CVE-2026-12007: Use after free Core. Reported by Google on 2026-05-26 516942828 Critical CVE-2026-12008: Use after free DigitalCredentials. Reported by Google on 2026-05-27 517332006 Critical CVE-2026-12009:...

Google Chrome < 149.0.7827.114 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 149.0.7827.114. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop01962725236 advisory. - Use after free in Views in Google Chrome on Windows prior to...

ROS-20260610-73-0025

The vulnerability in Thunderbird is related to a behavior that varies depending on the type of implementation. Exploiting this vulnerability allows an attacker who operates remotely to compromise the confidentiality, integrity, and accessibility of the protected information...