Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.4 views

CVE-2026-32067

OpenClaw versions prior to 2026.2.26 contains an authorization bypass vulnerability in the pairing-store access control for direct message pairing policy that allows attackers to reuse pairing approvals across multiple accounts. An attacker approved as a sender in one account can be automatically...

8.1CVSS5.8AI score0.00165EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.7 views

PT-2026-26743

OpenClaw versions prior to 2026.2.26 contains an authorization bypass vulnerability in the pairing-store access control for direct message pairing policy that allows attackers to reuse pairing approvals across multiple accounts. An attacker approved as a sender in one account can be automatically...

3.7CVSS5.8AI score0.00165EPSS
Exploits0References5
CVE
CVE
added 2026/03/06 11:22 p.m.13 views

CVE-2026-1644

CVE-2026-1644 pertains to the WP Frontend Profile plugin for WordPress, affected through version 1.3.8. The root cause is missing nonce validation in the update_action function, enabling Cross-Site Request Forgery. This allows unauthenticated attackers to influence user account registrations (app...

4.3CVSS5.8AI score0.0016EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/29 9:24 a.m.15 views

CVE-2026-0832

The New User Approve plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple REST API endpoints in all versions up to, and including, 3.2.2. This makes it possible for unauthenticated attackers to approve or deny use...

7.3CVSS5.9AI score0.00323EPSS
Exploits0References1
Rows per page
Query Builder