2 matches found
CVE-2026-9180
The MotoPress Appointment Booking plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.4.4. This is due to the POST /motopress/appointment/v1/bookings REST endpoint being registered with 'permissioncallback' = 'returntrue',...
Migration Planner UI 访问控制错误漏洞
The Migration Planner UI is an open-source migration planning frontend tool developed by KubeV2V. The Migration Planner UI has an access control vulnerability. This vulnerability stems from the lack of proper authorization and filtering in the/api/v1/sources route, which may allow authenticated...