Lucene search
K

5 matches found

CVE
CVE
added 2026/06/13 8:29 a.m.26 views

CVE-2026-1291

CVE-2026-1291 concerns the Meow Gallery WordPress plugin. A missing capability check on the REST API endpoint /wp-json/meow-gallery/v1/save_shortcode allows authenticated users with Author-level access or higher to arbitrarily create or overwrite gallery shortcode records by supplying a user-cont...

4.3CVSS5.3AI score0.00214EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.3 views

CVE-2026-2879

The GetGenie plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.2. This is due to missing validation on the id parameter in the create method of the GetGenieChat REST API endpoint. The method accepts a user-controlled post ID and, when...

5.4CVSS5.9AI score0.00281EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 8:25 a.m.7 views

CVE-2026-2879

The GetGenie plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.2. This is due to missing validation on the id parameter in the create method of the GetGenieChat REST API endpoint. The method accepts a user-controlled post ID and, when...

5.4CVSS5.9AI score0.00281EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.2 views

PT-2026-25158

The GetGenie plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.2. This is due to missing validation on the id parameter in the create method of the GetGenieChat REST API endpoint. The method accepts a user-controlled post ID and, when...

5.4CVSS5.9AI score0.00281EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/28 12:0 a.m.6 views

PT-2024-20719 · WordPress · Gamipress

Name of the Vulnerable Software and Affected Versions: GamiPress WordPress plugin versions prior to 6.8.9 Description: The access control mechanism in the GamiPress WordPress plugin fails to properly restrict access to its settings. This allows Authors to manipulate requests and extend access to...

8.1CVSS6.6AI score0.00635EPSS
Exploits2References5
Rows per page
Query Builder