Lucene search
K

1056 matches found

NVD
NVD
added 5 days ago8 views

CVE-2026-9237

The Employee, Leave and Recruitment Management System – Crew HRM plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00227EPSS
Exploits0References7
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42566

The Employee, Leave and Recruitment Management System – Crew HRM plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS6AI score0.00227EPSS
Exploits0References7
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-9237 Employee, Leave and Recruitment Management System <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Job Deletion via crewhrm_singleJobAction AJAX Action

The Employee, Leave and Recruitment Management System – Crew HRM plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00227EPSS
Exploits0References7
CVE
CVE
added 5 days ago10 views

CVE-2026-9237

Summary: CVE-2026-9237 affects the WordPress plugin “Crew HRM” (Employee, Leave and Recruitment Management System). All versions up to 1.2.2 are vulnerable to an authorization bypass due to improper access verification. Authenticated users with subscriber-level access or higher can delete, archiv...

4.3CVSS6AI score0.00227EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.11 views

CVE-2026-27351

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS5.4AI score0.00165EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 2:16 p.m.16 views

CVE-2026-27351

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS0.00165EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 2:1 p.m.13 views

CVE-2026-27351 WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS5.8AI score0.00165EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 2:1 p.m.13 views

EUVD-2026-33931

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS5.8AI score0.00165EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 2:1 p.m.21 views

CVE-2026-27351

CVE-2026-27351 affects the WordPress Crew HRM plugin up to version 1.2.2. Root cause: Missing Authorization through incorrectly configured access control. Impact includes Low integrity, Low availability, and No confidentiality impact per CVSS 3.1 (base score 5.4). Attack vector is Network with Lo...

5.4CVSS5.8AI score0.00165EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/02 2:1 p.m.41 views

CVE-2026-27351 WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS0.00165EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/02 2:1 p.m.15 views

WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin Crew HRM versions = 1.2.2...

5.4CVSS5.8AI score0.00165EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

WordPress plugin Crew HRM 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.4CVSS5.5AI score0.00165EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.13 views

PT-2026-45747

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS5.8AI score0.00165EPSS
Exploits0References2
Wired Threat Level
Wired Threat Level
added 2026/05/30 10:30 a.m.36 views

Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow

Plus: A ransomware group is now stealing data in person, BusPatrol wants to hand its license plate surveillance data to the cops, and more...

5.8AI score
Exploits0
Patchstack
Patchstack
added 2026/05/01 9:16 a.m.10 views

WordPress Role Based Pricing for Woo by Meow Crew plugin <= 1.6.0 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin WooCommerce Role Based Pricing by Meow Crew versions = 1.6.0...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
HackRead
HackRead
added 2026/01/03 8:11 p.m.9 views

Finnish Authorities Detain Crew After Undersea Internet Cable Severed

After a sudden internet cable break between Finland and Estonia, authorities have seized the cargo ship Fitburg. With two crew members arrested and sanctioned steel found on board, investigators are now probing if this was an accident or a deliberate act of hybrid warfare...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-4777

Malware in sbrugna...

7.5CVSS6.4AI score0.01309EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2007-1984

Malware in sbrugna...

7.5CVSS6.4AI score0.01194EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-46787

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00584EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-46788

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01096EPSS
Exploits1References1
Rows per page
Query Builder