YARPP <= 5.30.10 - Missing Authorization

The YARPP Yet Another Related Posts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check in the /includes/yarppprosetdisplaytypes.php file in all versions up to, and including, 5.30.10. This makes it possible for unauthenticated attackers to set displ...

CVE-2026-2010

A vulnerability has been found in Sanluan PublicCMS up to 4.0.202506.d/5.202506.d/6.202506.d. Impacted is the function Paid of the file publiccms-parent/publiccms-trade/src/main/java/com/publiccms/logic/service/trade/TradePaymentService.java of the component Trade Payment Handler. The manipulatio...

FreeBSD : nagios -- web interface privilege escalation vulnerability (d4a358d3-e09a-11dd-a765-0030843d3802)

securityfocus reports : An attacker with low-level privileges may exploit this issue to bypass authorization and cause arbitrary commands to run within the context of the Nagios server. This may aid in further attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...