CVE-2026-8157
The Vitepos WordPress plugin before 3.4.2 does not properly restrict the roles that can be assigned when creating new users via one of its REST API endpoints, allowing authenticated users with a custom Vitepos WordPress plugin before 3.4.2 role to escalate privileges to administrator...
CVE-2026-50881
Incorrect access control in the impworks Bonsai v6.0 allows authenticated attackers with Editor privileges to escalate privileges to Administrator and execute unauthorized account, password, and configuration changes...
CVE-2026-35671 phpMyFAQ - Insecure Direct Object Reference in User Password API
phpMyFAQ before 4.1.3 contains an insecure direct object reference vulnerability in the admin API user password endpoint that allows authenticated administrators to change any user's password without authorization verification. An attacker with low-privilege admin credentials can escalate to...
OpenStack Keystone security vulnerability
OpenStack Keystone is a core authentication component library of the OpenStack open-source project. Versions of OpenStack Keystone prior to 29.0.2 contained security vulnerabilities. These vulnerabilities stemmed from an application credential impersonation vulnerability combined with a trust...
CVE-2025-13618
The CVE concerns the Mentoring plugin for WordPress (versions up to 1.2.8). The vulnerability arises from insufficient access control in the mentoring_process_registration() function, which does not properly restrict which roles a user can register as. As a result, unauthenticated attackers can c...
CVE-2026-40349 Authenticated Movary User Can Self-Escalate to Administrator via PUT /settings/users/{userId} by Setting isAdmin=true
Movary is a self-hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can escalate their own account to administrator by sending isAdmin=true to PUT /settings/users/userId for their own user ID. The endpoint is intended to let a user ed...
EUVD-2026-14256
The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.29.7. This is due to the 'saveextrauserprofilefields' function not properly restricting which user meta keys can be updated via profile fields. The...
PT-2026-24588
Name of the Vulnerable Software and Affected Versions: Datalogics Ecommerce Delivery WordPress plugin versions prior to 2.6.60 Description: The Datalogics Ecommerce Delivery WordPress plugin before version 2.6.60 has an unauthenticated REST endpoint that allows remote users to modify the datalogics...
EUVD-2026-5513
On a Cryptobox platform where administrator segregation based on entities is used, some vulnerabilities in the Ercom Cryptobox administration console allow an authenticated entity administrator with knowledge to elevate his account to global administrator...
CVE-2025-65472
A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 and below allows attackers to escalate privileges to Administrator via user interaction with a malicious web page...
CVE-2025-65472
Summary: CVE-2025-65472 describes a CSRF flaw in EasyImages 2.0 up to v2.8.6, specifically in the /admin/admin.inc.php component, enabling privilege escalation to Administrator when a user interacts with a crafted page. Affected software: EasyImages 2.0 and all builds
CVE-2025-12158 Simple User Capabilities <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
The Simple User Capabilities plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the sucsubmitcapabilities function in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to elevate the role of any user account t...
Exploit for CVE-2025-6758
Real Spaces - WordPress Properties Directory Theme ≤ 3.6...
Linux Distros Unpatched Vulnerability : CVE-2022-35957
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server adm...
CVE-2025-20156
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could...
Sunbird DCIM dcTrack security vulnerability
Sunbird DCIM dcTrack is an asset monitoring and management software from Sunbird DCIM. A security vulnerability exists in Sunbird DCIM dcTrack version v9.1.2 that stems from the presence of cross-site request forgery (CSRF), which allows an authenticated attacker to elevate the privileges of an...
CVE-2024-6482
The Login with phone number plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.49. This is due to a lack of validation and missing capability check on user-supplied data in the 'lwpupdatepasswordaction' function. This makes it possible for...
Ivanti EPM security vulnerability
Ivanti EPM is a one-stop shop for managing user profiles and all client devices from Ivanti USA. A security vulnerability exists in Ivanti EPM that originates from an uncontrolled search path. A local, authenticated attacker with administrator privileges could escalate their privileges to the...
PT-2024-37753 · WordPress · Json Api User +1
Name of the Vulnerable Software and Affected Versions: JSON API User plugin for WordPress versions up to, and including, 3.9.3 Description: The issue is due to improper controls on custom user meta fields, making it possible for unauthenticated attackers to register as administrators on the site...
CVE-2024-22062
There is a permissions and access control vulnerability in ZXCLOUD IRAI. An attacker can elevate non-administrator permissions to administrator permissions by modifying the configuration...