CVE-2026-1566 LatePoint <= 5.2.7 - Authenticated (Agent+) Privilege Escalation

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 5.2.7. This is due to the plugin allowing users with a LatePoint Agent role, who are creating new customers to se...

PT-2022-24893 · Unknown +1 · Spring Remoteinvocation +1

Name of the Vulnerable Software and Affected Versions: GoCD versions prior to 21.1.0 Description: GoCD is a continuous delivery server that automates and streamlines the build-test-release cycle for continuous delivery of a product. The issue allows remote code execution on the server from a...