PT-2026-46864

Summary A non-admin API user with integration:create ACL privilege can escalate to full administrator by creating an integration with admin: true through the Sync API POST /api/ action/sync. The regular integration endpoint POST /api/integration correctly blocks this, but the Sync API bypasses th...

PT-2026-46409

A security flaw has been discovered in projectworlds Online Art Gallery Shop Project 1.0. The impacted element is an unknown function of the file /admin/adminHome.ph. The manipulation of the argument social twitter results in sql injection. The attack may be launched remotely. The exploit has bee...

PT-2026-46225

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description An authorization flaw exists in the Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the application verifies if a matching template exists but fai...

CVE-2025-67446

Improper Authentication Authentication Bypass exists in Neterbit NW-431F Router 20241014-IR03 and before. The router uses a weak/predictable cookie value for authentication. By modifying the cookie value e.g., setting it to "admin", an attacker can bypass the authentication schema and gain...

PT-2026-46764

A weakness has been identified in SourceCodester Ship Ferry Ticket Reservation System 1.0. This affects an unknown function of the file /admin/. This manipulation of the argument page causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made available...

PT-2026-46207

Live Chat Unlimited 2.8.3 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the chat input field. Attackers can submit payloads containing script tags and event handlers that execute in the admin area, enabling cookie...

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

PT-2026-46258

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose configUpdate as a state-changing administrator endpoint, but the route does not enforce POST and does not use any anti-CSRF token. In the default form and JWT-based authentication mode,...

CVE-2025-67446

Improper Authentication Authentication Bypass exists in Neterbit NW-431F Router 20241014-IR03 and before. The router uses a weak/predictable cookie value for authentication. By modifying the cookie value e.g., setting it to "admin", an attacker can bypass the authentication schema and gain...

PT-2026-46837

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown function of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Username leads to sql injection. The attack can be executed...

PT-2026-46146

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

PT-2026-46158

There is a vulnerability in the Supermicro BMC SMTP service at Supermicro AS-2115HS-TNR. An attacker may obtain administrator privileges and inject specially crafted characters into the SMTP service configuration. This may cause the underlying system to execute unintended commands during process...

📄 WordPress ARMember Premium 7.3.1 Insecure Password Reset

WordPress ARMember Premium plugin versions 7.3.1 and below suffer from an insecure password reset mechanism that allows for administrative account takeover. ☠️ CVE-2026-5076 ARMember Premium --- 📋 Informasi Kerentanan | Item | Detail | |---|---| | CVE ID | CVE-2026-5076 | | Plugin | ARMember –...

PT-2026-46884

Summary A non-admin API user with integration:create ACL privilege can escalate to full administrator by creating an integration with admin: true through the Sync API POST /api/ action/sync. The regular integration endpoint POST /api/integration correctly blocks this, but the Sync API bypasses th...

PT-2026-46204

Contact Form by WD 1.13.1 contains a cross-site request forgery vulnerability combined with local file inclusion that allows unauthenticated attackers to include arbitrary files by exploiting unsanitized action parameters. Attackers can craft malicious forms targeting the admin-ajax.php endpoint...

PT-2026-46201

Zuz Music 2.1 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious JavaScript by submitting crafted contact form data. Attackers can inject script code through the name, subject, and message parameters in POST requests to...

PT-2026-46860

Summary This is a vertical authorization bypass in the Admin API affecting order state transition features /api/ action/order/orderId/state/transition and similar transaction/delivery transition routes. The root cause is that the transition action routes do not declare required server-side ACL...

PT-2026-46212

WordPress Theme Zoner Real Estate 4.1.1 contains a persistent cross-site scripting vulnerability that allows authenticated agents to inject malicious scripts through the Address input field when creating properties. Attackers can inject JavaScript payloads in the property creation form that execu...

PT-2026-46885

Summary A low-privilege admin user with user recovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

PT-2026-46224

A visibility control issue in the event template creation workflow allowed non-site-admin users to access private galaxies belonging to other organisations. The event template builder loaded all enabled galaxies without applying organisation or distribution-based access restrictions, potentially...