PT-2026-24917

A security vulnerability has been detected in projectsend up to r1945. The affected element is an unknown function of the component AJAX Endpoints. The manipulation leads to missing authorization. The attack can be initiated remotely. The identifier of the patch is...

WordPress plugin My Sticky Bar SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-32127

CVE-2026-32127 affects OpenEMR before version 8.0.0.1, via a SQL injection in the ajax graphs library caused by insufficient input validation. The vulnerability can be exploited by authenticated attackers and may impact confidentiality, integrity, and availability. The advisory states the issue i...

CVE-2026-32122

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, the Claim File Tracker feature exposes an AJAX endpoint that returns billing claim metadata claim IDs, payer info, transmission logs. The endpoint does not enforce the same A...

CVE-2026-32122

OpenEMR (Claim File Tracker UI/AJAX Endpoint) exposes billing claim metadata to authenticated users lacking proper billing permissions prior to version 8.0.0.1 due to missing authorization on the Claim File Tracker endpoint. This is fixed in 8.0.0.1. The vulnerability stems from ACLs not matching...

CVE-2026-31958

Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...

CVE-2026-32101 StudioCMS S3 Storage Manager Authorization Bypass via Missing `await` on Async Auth Check

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.3.1, the S3 storage manager's isAuthorized function is declared async returns Promise but is called without await in both the POST and PUT handlers. Since a Promise object is always truthy in...

CVE-2026-31954 Emlog asynchronous media file deletion missing CSRF protection

Emlog is an open source website building system. In 2.6.6 and earlier, the deleteasync action asynchronous delete lacks a call to LoginAuth::checkToken, enabling CSRF attacks...

CVE-2026-31954

CVE-2026-31954 affects Emlog prior to 2.6.7 (2.6.6 and earlier), where the delete_async action omits a call to LoginAuth::checkToken(), enabling CSRF attacks against asynchronous deletions. Root cause is the missing CSRF token validation in the delete path. Documented impact is CSRF exposure; no ...

EUVD-2026-11319

Emlog is an open source website building system. In 2.6.6 and earlier, the deleteasync action asynchronous delete lacks a call to LoginAuth::checkToken, enabling CSRF attacks...

CVE-2026-31954 Emlog asynchronous media file deletion missing CSRF protection

Emlog is an open source website building system. In 2.6.6 and earlier, the deleteasync action asynchronous delete lacks a call to LoginAuth::checkToken, enabling CSRF attacks...

CVE-2026-31954 Emlog asynchronous media file deletion missing CSRF protection

Emlog is an open source website building system. In 2.6.6 and earlier, the deleteasync action asynchronous delete lacks a call to LoginAuth::checkToken, enabling CSRF attacks...

OpenEMR 安全漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.1 contained security...

[20260301] - Core - ACL hardening in com_ajax

The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...

CVE-2026-3585 The Events Calendar <= 6.15.17 - Authenticated (Author+) Arbitrary File Read via ajax_create_import

The The Events Calendar plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.15.17 via the 'ajaxcreateimport' function. This makes it possible for authenticated attackers, with Author-level access and above, to read the contents of arbitrary files on the...

CVE-2025-14675

The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajaxdeletefile' function in all versions up to, and including, 5.11.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete...

CVE-2026-2446

The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authorization and CRSF checks in an AJAX action, allowing unauthenticated users to update arbitrary WordPress options such as defaultrole etc and create arbitrary admin users...

EUVD-2026-10091

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the gspbelreusableload AJAX handler. The handler accepts an...

PT-2026-23832

Name of the Vulnerable Software and Affected Versions Meta Box versions prior to 5.11.2 Description The Meta Box plugin for WordPress is susceptible to arbitrary file deletion. This is due to inadequate file path validation within the ajax delete file function. Authenticated attackers possessing...

Django: Django: Denial of Service via crafted request with duplicate headers

A flaw was found in Django. A remote attacker can exploit this vulnerability by sending a crafted request containing multiple duplicate headers to the ASGIRequest component. This can lead to a potential Denial of Service DoS, making the affected system unavailable to legitimate users...