CVE-2026-2461
Mattermost Plugins versions =11.3 11.0.3 11.2.2 10.10.11.0 fail to implement authorisation checks on comment block modifications, which allows an authorised attacker with editor permission to modify comments created by other board members. Mattermost Advisory ID: MMSA-2025-00559...
EUVD-2021-12002
Malware in sbrugna...
EUVD-2023-57944
Malicious code in bioql PyPI...
CVE-2022-0423
The 3D FlipBook WordPress plugin before 1.12.1 does not have authorisation and CSRF checks when updating its settings, and does not have any sanitisation/escaping, allowing any authenticated user, such as a subscriber, to put Cross-Site Scripting payloads in all pages with a 3d flipbook...
CVE-2021-25090
The Portfolio Gallery, Product Catalog WordPress plugin before 2.1.0 does not have authorisation and CSRF checks in various functions related to AJAX actions, allowing any authenticated user, such as a subscriber, to call them. Due to the lack of sanitisation and escaping, it could also allow...
Debian dsa-5785 : mediawiki - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5785 advisory. Debian Security Advisory DSA-5785-1 https://www.debian.org/security/ Moritz...
FeedFocal <= 1.2.2 - Unauthenticated Tracking Code Update
Description The plugin is lacking authorisation checks in its feedfocalapisetup function, allowing unauthenticated attackers to update the Tracking Code via the feedfocalsurveycode option...
WP Travel < 7.8.1 - Unauthenticated AJAX Calls
Description The plugin does not have authorisation checks in various AJAX actions, allowing unauthenticated users to call them and update the plugin settings for example...
Royal Elementor Addons < 1.3.60 - Subscriber+ Arbitrary Plugin Deactivation
The plugin does not have authorisation and CSRF checks when deactivating plugins, which could allow any authenticated user, such as a subscriber, to perform such an action...
CVE-2022-22735 Simple Quotation <= 1.3.2 - Subscriber+ SQL injection
The Simple Quotation WordPress plugin through 1.3.2 does not have authorisation and CSRF checks in various AJAX actions and is lacking escaping of user data when using it in SQL statements, allowing any authenticated user, such as a subscriber, to perform SQL injection attacks...
CVE-2021-24730
The Logo Showcase with Slick Slider WordPress plugin before 1.2.5 does not have CSRF and authorisation checks in the lswsssaveattachmentdata AJAX action, allowing any authenticated users, such as Subscriber, to change title, description, alt text, and URL of arbitrary uploaded media...
Code injection
The Advanced Cron Manager WordPress plugin before 2.4.2 and Advanced Cron Manager Pro WordPress plugin before 2.5.3 do not have authorisation checks in some of their AJAX actions, allowing any authenticated user, such as a subscriber, to call them and add or remove events as well as schedules for...
Premium Addons for Elementor < 4.5.2 - Subscriber+ Arbitrary Blog Option Update
The plugin does not have any CSRF and authorisation checks in the padismissadminnotice AJAX action, available to any authenticated user, and does not validate the option key to ensure the option to update belongs to the plugin. As a result, any authenticated user, such as a subscriber, can update...
Cross site request forgery (csrf)
The Event Banner WordPress plugin through 1.3 does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or other executables, leading to RCE. Due to the lack of a CSRF check, the issue can also be exploited via that vector to achieve the same result,...
Easy Form Builder <= 1.0 - Unauthorised AJAX calls
While confirming https://wpscan.com/vulnerability/ed0c054b-54bf-4df8-9015-c76704c93484, we noticed that all AJAX actions of the plugin, available to authenticated users, do not have any CSRF and authorisation checks in place, allowing low privilege users to call them and delete/edit arbitrary for...
Coditor <= 1.1 - Arbitrary File Edition, Deletion and Internal Directory Listing in wp-content
The coditorprocessajax AJAX call is missing any CSRF and authorisation checks, allowing low privilege users (subscriber+) to read and edit any files in the wp-content folder, as well as list its content. PoC The PoC will be displayed once the issue has been remediated...
Ultimate Membership Pro < 8.6.1 - Multiple Critical Vulnerabilities
Multiple Critical Vulnerabilities found in Ultimate Membership Pro could lead to Remote Code Execution by an authenticated user with a low privilege account, such as subscriber, on a default installation, as well as PII disclosure such as emails, IP addresses, hashed passwords, usernames, User-Agent and so o...
2J SlideShow < 1.3.40 - Authenticated Arbitrary Plugin Deactivation
Description Lack of authorisation checks in the twojslideshowsetup function registered as an AJAX call could allow authenticated users with low privileges to deactivate arbitrary plugins...
Sliced Invoices <= 3.8.2 - Multiple Vulnerabilities
- Unauthenticated information disclosure, allowing attackers to access arbitrary invoices and quotes containing PII
- Authenticated SQL injection and information disclosure
- Additional issues, such as lack of CSRF and Authorisation checks on AJAX methods used to search invoices.
-...
WP Google Maps <= 7.11.34 - CSRF to Stored XSS
Lack of CSRF and authorisation checks, as well as sanitisation in the wpgmapshead function in legacy-core.php can lead to stored XSS issues...