5 matches found
CVE-2026-9095
Casdoor CVE-2026-9095 affects versions 2.362.0 and earlier. The ParseSamlResponse() in object/saml_sp.go maps retrieved SAML assertions directly to user sessions without replay protection, lacking an assertion ID cache, OneTimeUse enforcement, or replay detection in the SAML SP code path. This en...
CVE-2025-5949 Service Finder Bookings <= 6.0 - Authenticated (Subscriber+) Privilege Escalation via change_candidate_password
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0. This is due to the plugin not properly validating a user's identity prior to processing a password change request. This makes it possible for...
CVE-2025-55296
librenms is a community-based GPL-licensed network monitoring system. A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS = 25.6.0 in the Alert Template creation feature. This allows a user with the admin role to inject malicious JavaScript, which will be executed when the template...
CVE-2025-55296
librenms is a community-based GPL-licensed network monitoring system. A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS = 25.6.0 in the Alert Template creation feature. This allows a user with the admin role to inject malicious JavaScript, which will be executed when the template...
CVE-2021-25032
The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro WordPress plugin before 2.3.1 does not have authorisation and CSRF checks when updating the plugin's settings via the init hook, and does not ensure that the options to be updated belong to the plugin. As a...