160530 matches found
CVE-2026-42743
Unauthenticated Broken Authentication in Masteriyo - LMS = 2.1.8 versions...
CVE-2026-42752
Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...
CVE-2026-42668
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend = 1.18.0 versions...
CVE-2026-42411
Unauthenticated Broken Authentication in CloudSecure WP Security = 1.4.7 versions...
CVE-2026-42378
Subscriber Broken Authentication in WP Full Stripe Free = 8.4.1 versions...
CVE-2026-40799
Unauthenticated Broken Authentication in Simple Cloudflare Turnstile = 1.38.0 versions...
CVE-2026-40781
Unauthenticated Broken Authentication in ReviewX = 2.3.6 versions...
CVE-2026-40785
Subscriber Broken Authentication in AutomatorWP = 5.6.7 versions...
CVE-2026-39450
Subscriber Broken Authentication in FunnelKit Automations = 3.7.3 versions...
Security Bulletin: MongoDB Enterprised Advanced affected by: Missing Critical Step in Authentication (CVE-2026-40542)
Summary There are vulnerabilities in httpclient5-5.6.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-40542. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-40542 DESCRIPTION: Missing critical step in authentication in Apache HttpClient 5.6 allows an...
GHSA-6V32-FJC9-9QF6 Nest: Middleware Bypass on Fastify via Trailing Slash
Impact An authentication bypass vulnerability exists in @nestjs/platform-fastify confirmed on version 11.1.24, the latest available release at time of report. When middleware is registered through NestJS's MiddlewareConsumer.forRoutes API on the Fastify adapter, an unauthenticated client can bypa...
CVE-2026-49764 WordPress RegistrationMagic plugin <= 6.0.8.6 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in RegistrationMagic = 6.0.8.6 versions...
CVE-2026-49764 WordPress RegistrationMagic plugin <= 6.0.8.6 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in RegistrationMagic = 6.0.8.6 versions...
EUVD-2026-36888
Unauthenticated Broken Authentication in RegistrationMagic = 6.0.8.6 versions...
CVE-2026-49764
CVE-2026-49764 concerns the WordPress plugin RegistrationMagic (≤ 6.0.8.6). The vulnerability is an unauthenticated broken authentication issue, exploitable over the network without user interaction. Affected component: RegistrationMagic core/plugin. Underlying impact per the metadata is high acr...
EUVD-2026-36885
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce = 3.1.4 versions...
CVE-2026-49110 WordPress Upsell Order Bump Offer for WooCommerce plugin <= 3.1.4 - Price Manipulation vulnerability
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce = 3.1.4 versions...
CVE-2026-48970 WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...
EUVD-2026-36866
Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...
CVE-2026-48970 WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...