CVE-2026-2351

The CVE-2026-2351 entry concerns the WordPress Task Manager plugin (up to version 3.0.2). The vulnerability is an Arbitrary File Read via the callback_get_text_from_url() function, exploitable by authenticated users with Subscriber-level access and above. The impact is exposure of contents from a...

CVE-2026-33237

WWBN AVideo is an open source video platform. Prior to version 26.0, the Scheduler plugin's run function in plugin/Scheduler/Scheduler.php calls urlgetcontents with an admin-configurable callbackURL that is validated only by isValidURL URL format check. Unlike other AVideo endpoints that were...

WWBN AVideo 代码问题漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained code vulnerabilities. These vulnerabilities stemmed from the run function of the Scheduler plugin, which did not perform an SSRF security check on the callbackURL...

WordPress plugin Task Manager 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

CVE-2026-33237 AVideo has SSRF in Scheduler Plugin via callbackURL Missing `isSSRFSafeURL()` Validation

WWBN AVideo is an open source video platform. Prior to version 26.0, the Scheduler plugin's run function in plugin/Scheduler/Scheduler.php calls urlgetcontents with an admin-configurable callbackURL that is validated only by isValidURL URL format check. Unlike other AVideo endpoints that were...

CVE-2026-33237

CVE-2026-33237 affects WWBN AVideo. The Scheduler plugin’s run() path in plugin/Scheduler/Scheduler.php uses callbackURL with isValidURL() (URL format check) but omits isSSRFSafeURL(), allowing SSRF to RFC-1918/private and cloud metadata endpoints. Concrete details show the vulnerable code at Sch...

CVE-2026-33237 AVideo has SSRF in Scheduler Plugin via callbackURL Missing `isSSRFSafeURL()` Validation

WWBN AVideo is an open source video platform. Prior to version 26.0, the Scheduler plugin's run function in plugin/Scheduler/Scheduler.php calls urlgetcontents with an admin-configurable callbackURL that is validated only by isValidURL URL format check. Unlike other AVideo endpoints that were...

CVE-2026-33237 AVideo has SSRF in Scheduler Plugin via callbackURL Missing `isSSRFSafeURL()` Validation

WWBN AVideo is an open source video platform. Prior to version 26.0, the Scheduler plugin's run function in plugin/Scheduler/Scheduler.php calls urlgetcontents with an admin-configurable callbackURL that is validated only by isValidURL URL format check. Unlike other AVideo endpoints that were...

CVE-2026-33237

WWBN AVideo is an open source video platform. Prior to version 26.0, the Scheduler plugin's run function in plugin/Scheduler/Scheduler.php calls urlgetcontents with an admin-configurable callbackURL that is validated only by isValidURL URL format check. Unlike other AVideo endpoints that were...

EUVD-2026-13684

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

CVE-2026-31381

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

CVE-2026-31381

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

CVE-2026-31381 Gainsight Assist plugin information disclosure

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

CVE-2026-31381 Gainsight Assist plugin information disclosure

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

CVE-2026-31381, CVE-2026-31382: Gainsight Assist Information Disclosure and Cross-Site Scripting (FIXED)

Overview Rapid7 Labs recently identified a chain of security vulnerabilities in the Gainsight Assist plugin and its interactions with the associated domain app.gainsight.com. These vulnerabilities include an Information Disclosure flaw CVE-2026-31381 and a Reflected Cross-Site Scripting XSS...

CVE-2026-32942

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

PJSIP 资源管理错误漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Versions of PJSIP 2.16 and earlier contained a resource management vulnerability caused by a race condition...

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...