Lucene search
+L

2036 matches found

nuclei
nuclei
added 8 hours ago18 views

Rank Math SEO <= 1.0.40.2 - Redirect Creation via Unprotected REST API Endpoint

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs that redirect to an external web site via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the...

6.1CVSS6.5AI score0.02072EPSS
Exploits2References3
nuclei
nuclei
added 8 hours ago70 views

All Thrive Themes and Plugins - Unauthenticated Option Update

The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin...

5.3CVSS6.3AI score0.02076EPSS
Exploits2References2
nuclei
nuclei
added 8 hours ago88 views

AnythingLLM - Information Disclosure

AnythingLLM suffers from an information disclosure vulnerability through the /api/setup-complete API endpoint. By accessing this endpoint, a remote and unauthenticated attacker can access sensitive configuration of the target AnythingLLM instance. This detection is included in the AI and LLM...

7.5CVSS7AI score0.29187EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2 days ago6 views

PT-2026-58851

Name of the Vulnerable Software and Affected Versions zhinianboke xianyu-auto-reply versions prior to 19fc3282a1bb78a05c34945c088525d20e081cbd Description An issue in the Backend User Endpoint allows remote attackers to perform manipulations that result in missing authorization. This occurs withi...

7.5CVSS7AI score0.00297EPSS
Exploits0References9
osv
osv
added 6 days ago4 views

CVE-2026-57219 RabbitMQ: Unauthenticated disclosure of OAuth client credentials via an HTTP API endpoint with certain less common OAuth 2 configurations

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, the obsolete GET /api/auth endpoint can disclose the OAuth 2 client secret on RabbitMQ installations configured with management.oauthclientsecret, exposing credentials to unauthenticated callers when the...

8.7CVSS6.1AI score0.00359EPSS
Exploits0References8
cve
cve
added 6 days ago97 views

CVE-2026-57219

RabbitMQ suffers an unauthenticated disclosure vulnerability in the management API: the obsolete GET /api/auth endpoint can reveal the OAuth 2 client secret on installations configured with management.oauth_client_secret prior to versions 3.13.15, 4.0.20, 4.1.11, and 4.2.6. The issue arises when ...

8.7CVSS6.1AI score0.00359EPSS
Exploits0References6Affected Software1
nvd
nvd
added 6 days ago7 views

CVE-2026-38057

The iDirect iQ200 does not validate CSRF tokens on state-changing API endpoints after authentication. The /api/reboot endpoint accepts POST requests authenticated solely by a session cookie that lacks the SameSite attribute. A remote attacker can host a malicious web page that, when visited by an...

8.1CVSS0.00308EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/07/09 3:56 p.m.7 views

CVE-2026-59227

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.11 before 0.10.0, POST /api/v1/images/edit required only a verified account and did not enforce the global image-edit switch or the per-user image-generation permission, allowing a non-admin user to...

4.3CVSS6AI score0.00259EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2026/07/09 9:31 a.m.30 views

CVE-2026-12428 Blocks for ACF Fields <= 1.6.2 - Missing Authorization to Authenticated (Author+) Arbitrary ACF Field Value Disclosure via 'id' Parameter

The Blocks for ACF Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getallvalues function in the /wp-json/acf-field-blocks/v1/values REST endpoint in versions up to, and including, 1.6.2. The permissioncallback only verifies the...

6.5CVSS0.00285EPSS
Exploits0References8
cvelist
cvelist
added 2026/07/09 8:31 a.m.33 views

CVE-2026-12433 Hydra Booking <= 1.2.1 - Authenticated (Custom+) Insecure Direct Object Reference to Sensitive Information Exposure via 'booking_id' Parameter

The Hydra Booking – Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.2.1 via the /wp-json/hydra-booking/v1/booking/details/id REST endpoint. This is due to the getBookingDetails callback only...

4.3CVSS0.00435EPSS
Exploits0References10
nvd
nvd
added 2026/07/07 11:16 p.m.6 views

CVE-2026-55077

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the PUT /api/v2/users/user/password endpoint authorized only ActionUpdatePersonal and did not prevent a user-admin from resetting an owner account's passwor...

7.2CVSS0.00615EPSS
Exploits0References6
cvelist
cvelist
added 2026/07/07 10:44 p.m.30 views

CVE-2026-55077 Coder: User-admin role can reset owner account password

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the PUT /api/v2/users/user/password endpoint authorized only ActionUpdatePersonal and did not prevent a user-admin from resetting an owner account's passwor...

7.2CVSS0.00615EPSS
Exploits0References6
osv
osv
added 2026/07/07 10:44 p.m.7 views

CVE-2026-55077 Coder: User-admin role can reset owner account password

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the PUT /api/v2/users/user/password endpoint authorized only ActionUpdatePersonal and did not prevent a user-admin from resetting an owner account's passwor...

7.2CVSS6AI score0.00615EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.12 views

PT-2026-56087

Name of the Vulnerable Software and Affected Versions flyto-core version 2.26.2 Description An unauthenticated OS command injection exists in the HTTP MCP endpoint. The endpoint POST /mcp accepts JSON-RPC tools/call requests without authentication and dispatches them to registered modules...

8.4CVSS6.3AI score
Exploits0References7
attackerkb
attackerkb
added 2026/07/01 1:18 p.m.8 views

CVE-2026-13603

The payment integration pretix-oppwa provides support for the payment providers VR Payment, Hobex, and potentially others based on Oppwa's technology. The integration of Oppwa, following their official documentation, includes a step where the user is redirected from the payment provider back to o...

10CVSS5.8AI score0.00253EPSS
Exploits0References2
cvelist
cvelist
added 2026/07/01 3:43 a.m.35 views

CVE-2026-13468 Visualizer <= 4.0.3 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via /visualizer/v1/action/{chart}/{type}/ REST Endpoint

The Visualizer – Tables & Charts Manager with Built-in AI Generator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.0.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

7.5CVSS0.00367EPSS
Exploits0References8
osv
osv
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-497 pyLoad: Server-Side Request Forgery via Download Link Submission Enables Cloud Metadata Exfiltration

Summary PyLoad's download engine accepts arbitrary URLs without validation, enabling Server-Side Request Forgery SSRF attacks. An authenticated attacker can exploit this to access internal network services and exfiltrate cloud provider metadata. On DigitalOcean droplets, this exposes sensitive...

9.3CVSS6AI score0.00397EPSS
Exploits1References6
osv
osv
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-325 DB-GPT is vulnerable to SQL Injection attacks from unauthenticated users

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /api/v1/editor/sql/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the...

9.1CVSS7.7AI score0.01083EPSS
Exploits2References7
attackerkb
attackerkb
added 2026/06/29 7:15 a.m.6 views

CVE-2026-13546

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS5.5AI score0.00383EPSS
Exploits0References5Affected Software1
osv
osv
added 2026/06/29 6:2 a.m.4 views

BIT-GITLAB-2026-8330 Insertion of Sensitive Information into Log File in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed sensitive information to be written to application logs due to insufficient filtering in a CI/CD API endpoint...

4.4CVSS5.8AI score0.0013EPSS
Exploits0References3
Rows per page
Query Builder