Lucene search
K

4 matches found

Nuclei
Nuclei
added 2 days ago111 views

YARPP <= 5.30.10 - Missing Authorization

The YARPP Yet Another Related Posts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check in the /includes/yarppprosetdisplaytypes.php file in all versions up to, and including, 5.30.10. This makes it possible for unauthenticated attackers to set displ...

9.8CVSS6.1AI score0.43585EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 6:16 p.m.11 views

CVE-2026-57952

Mythic before 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints c2profileconfigcheckwebhook, c2profileredirectruleswebhook, c2profilegetiocwebhook, c2profilesamplemessagewebhook that fail to verify payload ownership. An operator in one operation can invoke these...

6.5CVSS0.00171EPSS
Exploits0References4
OSV
OSV
added 2026/02/06 8:2 a.m.5 views

CVE-2026-2010 Sanluan PublicCMS Trade Payment TradePaymentService.java paid improper authorization

A vulnerability has been found in Sanluan PublicCMS up to 4.0.202506.d/5.202506.d/6.202506.d. Impacted is the function Paid of the file publiccms-parent/publiccms-trade/src/main/java/com/publiccms/logic/service/trade/TradePaymentService.java of the component Trade Payment Handler. The manipulatio...

2.3CVSS4.7AI score0.00325EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2009/01/12 12:0 a.m.33 views

FreeBSD : nagios -- web interface privilege escalation vulnerability (d4a358d3-e09a-11dd-a765-0030843d3802)

securityfocus reports : An attacker with low-level privileges may exploit this issue to bypass authorization and cause arbitrary commands to run within the context of the Nagios server. This may aid in further attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

6.5CVSS5.6AI score0.06738EPSS
Exploits0References4
Rows per page
Query Builder