
9654 matches found

EUVD
added 2026/03/25 12:30 p.m. | 2 views

EUVD-2026-15261

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211 Check frame length before accessing the mgmt fields in mt76_connac2_mac_write_txwi_80211 in order to avoid a possible oob access. fix check to also cover...

5.7 AI score | 0.00126 EPSS
Exploits 0 | References 7
NVD
added 2026/03/25 11:16 a.m. | 3 views

CVE-2026-23315

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211 Check frame length before accessing the mgmt fields in mt76_connac2_mac_write_txwi_80211 in order to avoid a possible oob access. fix check to also cover...

7.1 CVSS | 0.00126 EPSS
Exploits 0 | References 6
OSV
added 2026/03/25 11:16 a.m. | 3 views

UBUNTU-CVE-2026-23315

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211 Check frame length before accessing the mgmt fields in mt76_connac2_mac_write_txwi_80211 in order to avoid a possible oob access. fix check to also cover...

7.1 CVSS | 5.7 AI score | 0.00126 EPSS
Exploits 0 | References 9
OSV
added 2026/03/25 10:27 a.m. | 3 views

CVE-2026-23315 wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211 Check frame length before accessing the mgmt fields in mt76_connac2_mac_write_txwi_80211 in order to avoid a possible oob access. fix check to also cover...

7.1 CVSS | 5.7 AI score | 0.00126 EPSS
Exploits 0 | References 9
Positive Technologies
added 2026/03/25 12:00 a.m. | 4 views

PT-2026-28071

Name of the Vulnerable Software and Affected Versions: fontconfig versions prior to 2.17.1. Description: fontconfig versions prior to 2.17.1 contain an off-by-one error in memory allocation during sfnt capability handling. This error can lead to a one-byte out-of-bounds write within the...

7.8 CVSS | 5.9 AI score | 0.00125 EPSS
Exploits 0 | References 14
ATTACKERKB
added 2026/03/24 4:27 a.m. | 1 view

CVE-2026-3138

The Product Filter for WooCommerce by WBW plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check in all versions up to, and including, 3.1.2. This is due to the plugin's MVC framework dynamically registering unauthenticated AJAX handlers via wp_ajax_nopriv...

6.5 CVSS | 5.8 AI score | 0.00273 EPSS
Exploits 0 | References 8
NVD
added 2026/03/24 1:17 a.m. | 3 views

CVE-2026-33290

WPGraphQL provides a GraphQL API for WordPress sites. Prior to version 2.10.0, an authorization flaw in updateComment allows an authenticated low-privileged user, including a custom role with zero capabilities, to change moderation status of their own comment, for example to APPROVE, without the...

4.3 CVSS | 0.00177 EPSS
Exploits 0 | References 2
EUVD
added 2026/03/24 12:30 a.m. | 3 views

EUVD-2026-14656

The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Content Access Rules REST API endpoints in versions 5.0.1 through 5.1.4. This is due to the checkpermissions method only checking for edit_posts...

5.4 CVSS | 5.8 AI score | 0.00182 EPSS
Exploits 0 | References 5
EUVD
added 2026/03/24 12:30 a.m. | 3 views

EUVD-2026-14610

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in the delete_question_answer function of the EditQuestionAjax class in all versions up to, and including, 4.3.2.8. The...

4.3 CVSS | 5.8 AI score | 0.00262 EPSS
Exploits 0 | References 6
Positive Technologies
added 2026/03/24 12:00 a.m. | 6 views

PT-2026-27327

The Product Filter for WooCommerce by WBW plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check in all versions up to, and including, 3.1.2. This is due to the plugin's MVC framework dynamically registering unauthenticated AJAX handlers via wp_ajax_nopriv...

6.5 CVSS | 5.8 AI score | 0.00273 EPSS
Exploits 0 | References 9
Cvelist
added 2026/03/23 11:25 p.m. | 30 views

CVE-2026-4056 User Registration & Membership <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Content Access Rule Manipulation

The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Content Access Rules REST API endpoints in versions 5.0.1 through 5.1.4. This is due to the checkpermissions method only checking for edit_posts...

5.4 CVSS | 0.00182 EPSS
Exploits 0 | References 4
ATTACKERKB
added 2026/03/23 11:25 p.m. | 1 view

CVE-2026-4056

The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Content Access Rules REST API endpoints in versions 5.0.1 through 5.1.4. This is due to the checkpermissions method only checking for edit_posts...

5.4 CVSS | 5.8 AI score | 0.00182 EPSS
Exploits 0 | References 5
CVE
added 2026/03/23 11:25 p.m. | 7 views

CVE-2026-4056

The CVE-2026-4056 entry concerns the WordPress plugin “User Registration & Membership.” The vulnerability arises from a missing capability check in the Content Access Rules REST API endpoints, where the code path only validates the edit_posts permission instead of an administrator-level capabilit...

5.4 CVSS | 5.8 AI score | 0.00182 EPSS
Exploits 0 | References 4
NVD
added 2026/03/23 11:17 p.m. | 2 views

CVE-2026-3225

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in the delete_question_answer function of the EditQuestionAjax class in all versions up to, and including, 4.3.2.8. The...

4.3 CVSS | 0.00262 EPSS
Exploits 0 | References 5
NVD
added 2026/03/23 11:17 p.m. | 4 views

CVE-2026-4066

The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relationalpostssearch function in all versions up to, and including, 5.0.6. This makes it possible for authenticated attackers, with Contributor-level access and abov...

4.3 CVSS | 0.00289 EPSS
Exploits 0 | References 5
ATTACKERKB
added 2026/03/23 10:25 p.m. | 5 views

CVE-2026-3225

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in the delete_question_answer function of the EditQuestionAjax class in all versions up to, and including, 4.3.2.8. The...

4.3 CVSS | 5.8 AI score | 0.00262 EPSS
Exploits 0 | References 6
CVE
added 2026/03/23 10:25 p.m. | 7 views

CVE-2026-3225

The LearnPress – WordPress LMS Plugin is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in delete_question_answer() of the EditQuestionAjax class, affecting all versions up to and including 4.3.2.8. The AbstractAjax::catch_lp_ajax() dispatcher verif...

4.3 CVSS | 5.8 AI score | 0.00262 EPSS
Exploits 0 | References 5
Positive Technologies
added 2026/03/23 12:00 a.m. | 2 views

PT-2026-27250

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in the delete_question_answer function of the EditQuestionAjax class in all versions up to, and including, 4.3.2.8. The AbstractAjax::catch ...

4.3 CVSS | 5.8 AI score | 0.00262 EPSS
Exploits 0 | References 6
EUVD
added 2026/03/21 6:30 a.m. | 4 views

EUVD-2026-14150

The Task Manager plugin for WordPress is vulnerable to arbitrary shortcode execution via the 'search' AJAX action in all versions up to, and including, 3.0.2. This is due to missing capability checks in the callbacksearch function and insufficient input validation that allows shortcode syntax...

6.5 CVSS | 6.1 AI score | 0.00254 EPSS
Exploits 0 | References 8
EUVD
added 2026/03/21 6:30 a.m. | 3 views

EUVD-2026-14161

The Hr Press Lite plugin for WordPress is vulnerable to unauthorized access of sensitive employee data due to a missing capability check on the hrp-fetch-employees AJAX action in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level...

6.5 CVSS | 5.8 AI score | 0.00231 EPSS
Exploits 0 | References 6