Lucene search
K

8757 matches found

Nuclei
Nuclei
added yesterday12 views

HT Mega – Absolute Addons for Elementor <= 2.2.0 - Missing Authorization to Privilege Escalation

The HT Mega plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.2.0. This is due to missing validation of the regrole parameter on the htmegaajaxregister function. This makes it possible for unauthenticated attackers to create administrator accounts. id...

9.8CVSS6.2AI score0.03043EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday13 views

ZimaOS - Authentication Bypass

ZimaOS = 1.5.0 contains a broken authentication caused by improper password validation for known system service accounts in the login function, letting attackers authenticate with any password for these accounts, exploit requires knowledge of common usernames. id: CVE-2026-21891 info: name: ZimaO...

9.8CVSS6.1AI score0.02169EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday20 views

Contact Form Plugin by Fluent Forms < 5.1.17 - Unauthenticated Limited Privilege Escalation

The plugin is vulnerable to privilege escalation due to a missing capability check on the /wp-json/fluentform/v1/managers REST API endpoint. This makes it possible for unauthenticated attackers to grant users with Fluent Form management permissions which gives them access to all of the plugin's...

9.8CVSS6.1AI score0.02333EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday66 views

The Plus Addons for Elementor Page Builder < 4.1.7 - Authentication Bypass

The Plus Addons for Elementor plugin before version 4.1.7 allowed attackers to bypass authentication, gain admin access, and create accounts with elevated roles, even when registration was disabled and the Login widget was inactive. id: CVE-2021-24175 info: name: The Plus Addons for Elementor Pag...

9.8CVSS7AI score0.14462EPSS
Exploits3References2
Nuclei
Nuclei
added yesterday25 views

WordPress Automatic Plugin - Unauthenticated Options Change

WordPress Automatic Plugin versions 3.53.2 and below contains a critical vulnerability that allows unauthenticated users to change arbitrary WordPress options through the processform.php script. The vulnerable script uses updateoption on all POST parameters without authentication or capability...

9.8CVSS7.1AI score0.16408EPSS
Exploits3References2
NVD
NVD
added yesterday6 views

CVE-2026-11802

The FoodBook Lite - Online Food Ordering System plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.5.6. The registration function, accessible via the wpajaxnoprivregistrationaction AJAX action, lacks any nonce verification or capability check, and...

5.3CVSS0.00311EPSS
Exploits0References8
NVD
NVD
added yesterday6 views

CVE-2026-44753

SAP HANA Database user self service tools allows an unauthenticated user to send specially crafted requests that produce distinguishable responses, enabling enumeration of valid user accounts and email addresses. Successful exploitation could allow the attacker to enumerate valid user accounts,...

3.7CVSS0.0022EPSS
Exploits0References2
NVD
NVD
added 2 days ago6 views

CVE-2026-62327

9Router through version 0.4.41 contains an unauthenticated information disclosure vulnerability that allows remote attackers to retrieve plaintext API keys for all connected AI provider accounts by sending a single unauthenticated request to the /api/usage/stats endpoint. Attackers can exploit th...

9.3CVSS0.00371EPSS
Exploits0References2
CVE
CVE
added 2 days ago9 views

CVE-2026-62327

The vulnerability concerns 9Router up to version 0.4.41. An unauthenticated request to the Next.js API route /api/usage/stats is possible due to missing authentication middleware, leading to exposure of plaintext API keys for all connected AI provider accounts, along with token counts, costs and ...

9.3CVSS6.1AI score0.00371EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-62327 9Router 0.4.41 - Unauthenticated API Key Exposure via /api/usage/stats

9Router through version 0.4.41 contains an unauthenticated information disclosure vulnerability that allows remote attackers to retrieve plaintext API keys for all connected AI provider accounts by sending a single unauthenticated request to the /api/usage/stats endpoint. Attackers can exploit th...

9.3CVSS0.00371EPSS
Exploits0References2
CVE
CVE
added 2 days ago10 views

CVE-2026-61501

Rejetto HFS versions 3.0.0–3.2.0 expose a stored XSS in the admin log viewer: log entries rendered as HTML without sanitization allow a remote unauthenticated attacker to craft a username, write JavaScript to the error log, and execute code in an administrator’s browser when logs are viewed, pote...

6.1CVSS6.3AI score0.00308EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-43315

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4 fail to verify whether a guest account is deactivated before creating a session in the magic-link token login path, which allows a deactivated guest user to obtain a fully functional session via a magic-link token issued prior to deactivation...

5.4CVSS6.1AI score0.00138EPSS
Exploits0References2
CVE
CVE
added 2 days ago14 views

CVE-2026-9597

Mattermost advisory MMSA-2026-00681 documents a vulnerability in Mattermost where versions 11.7.x &lt;= 11.7.2 and 11.6.x

5.4CVSS6.1AI score0.00138EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2 days ago11 views

CVE-2026-9571

Mattermost CVE-2026-9571 affects versions 11.7.x &lt;= 11.7.2, 11.6.x &lt;= 11.6.4, and 10.11.x

6.5CVSS6.1AI score0.00174EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-9571 Deactivated user accounts can continue to obtain valid OAuth access tokens via refresh token grant in Mattermost

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to invalidate OAuth refresh tokens upon user account deactivation, which allows a deactivated user or an attacker in possession of a valid refresh token to obtain new functional access tokens via the OAuth refresh token...

5.9CVSS0.00174EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-12397

The WP Job Portal WordPress plugin before 2.5.5 does not verify ownership when returning an employer's contact email for a given job, allowing authenticated users with a subscriber-level self-registerable account to read other employers' private account email addresses by enumerating job...

4.3CVSS0.00162EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-12397 WP Job Portal < 2.5.5 - Subscriber+ Employer Email Disclosure via IDOR

The WP Job Portal WordPress plugin before 2.5.5 does not verify ownership when returning an employer's contact email for a given job, allowing authenticated users with a subscriber-level self-registerable account to read other employers' private account email addresses by enumerating job...

0.00162EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-12396 WP Job Portal < 2.5.5 - Subscriber+ Arbitrary Job Approval, Featuring and Rejection

The WP Job Portal WordPress plugin before 2.5.5 does not perform capability or ownership checks before allowing job moderation actions, allowing authenticated users with a subscriber-level self-registerable account to approve, feature, or reject arbitrary jobs, including those owned by other user...

0.0017EPSS
Exploits0References1
Nuclei
Nuclei
added 2 days ago159 views

SureTriggers – All-in-One Automation Platform ≤ 1.0.78 - Authentication Bypass

The SureTriggers- All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secretkey' value in the 'autheticateuser' function in all versions up to, and including, 1.0.78. Th...

8.1CVSS7.1AI score0.7568EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2 days ago4 views

Progress MOVEit Transfer 2022.1.x / 2023.0.x < 2023.0.17 / 2023.1.x < 2023.1.12 / 2024.0.x < 2024.0.8 / 2024.1.x < 2024.1.2 Privilege Escalation (March 2025)

The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is affected by a privilege escalation vulnerability as referenced in Progress Community article 000256795. - Improper Privilege Management vulnerability for users configured as Shared Accounts in...

8.8CVSS6.1AI score0.00229EPSS
Exploits0References2
Rows per page
Query Builder