5195 matches found
ThemeGrill Demo Importer < 1.6.2 - Database Reset
ThemeGrill Demo Importer before 1.6.2 does not require authentication for wiping the database due to a resetwizardactions hook. In versions 1.3.4 and above and versions 1.6.1 and below, there is a vulnerability that allows any unauthenticated user to wipe the entire database to its default state...
CVE-2026-9842
The Backstage - Customizer Demo Access plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.2. This is due to the plugin assigning the manageoptions capability to the backstagecustomizeruser demo role, which is more permissive than necessary for...
CVE-2026-9842
The CVE-2026-9842 entry concerns the Backstage - Customizer Demo Access plugin for WordPress (up to version 1.4.2). The root cause is that the plugin assigns the manage_options capability to the backstage_customizer_user demo role, which is more permissive than required for a Demo Access/Customiz...
CVE-2026-9842 Backstage <= 1.4.2 - Unauthenticated Privilege Escalation via Permissive Demo Role Capabilities
The Backstage - Customizer Demo Access plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.2. This is due to the plugin assigning the manageoptions capability to the backstagecustomizeruser demo role, which is more permissive than necessary for...
PYSEC-2026-841 MapProxy vulnerable to cross-site scripting in demo service
MapProxy version 1.11.1 and older are vulnerable to cross-site scripting in the demo service resulting in possible information disclosure. An incomplete fix was released in v1.10.4, and a complete fix was released in v1.11.1...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libsolv: libsolv-0.7.39-3.hum1 aarch64, x8664 libsolv-demo-0.7.39-3.hum1 aarch64, x8664 libsolv-devel-0.7.39-3.hum1 aarch64, x8664 libsolv-tools-0.7.39-3.hum1 aarch64, x8664...
CVE-2026-56255
Capgo before 12.128.2 contains a denial of service vulnerability in the POST /app/demo endpoint that allows authenticated users with org write permissions to create unlimited demo applications without rate limiting or quota enforcement. Attackers can repeatedly invoke this endpoint to generate...
CVE-2026-56255
Capgo before 12.128.2 contains a denial of service vulnerability in the POST /app/demo endpoint that allows authenticated users with org write permissions to create unlimited demo applications without rate limiting or quota enforcement. Attackers can repeatedly invoke this endpoint to generate...
CVE-2026-56255
Capgo before 12.128.2 contains a denial-of-service vulnerability in POST /app/demo that lets authenticated users with org write permissions create unlimited demo apps without rate limiting or quotas. Each request can trigger around 138 database write operations, leading to degraded performance, h...
CVE-2026-56255 Capgo - Denial of Service via Unlimited Demo App Creation
Capgo before 12.128.2 contains a denial of service vulnerability in the POST /app/demo endpoint that allows authenticated users with org write permissions to create unlimited demo applications without rate limiting or quota enforcement. Attackers can repeatedly invoke this endpoint to generate...
CVE-2026-56255 Capgo - Denial of Service via Unlimited Demo App Creation
Capgo before 12.128.2 contains a denial of service vulnerability in the POST /app/demo endpoint that allows authenticated users with org write permissions to create unlimited demo applications without rate limiting or quota enforcement. Attackers can repeatedly invoke this endpoint to generate...
CVE-2026-4328
The Advanced Import plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.4.6. This is due to the plugin using wpremoteget to fetch a user-supplied URL without validating that the URL does not point to internal or private network resources in th...
CVE-2026-4328
The Advanced Import plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.4.6. This is due to the plugin using wpremoteget to fetch a user-supplied URL without validating that the URL does not point to internal or private network resources in th...
EUVD-2026-37984
The Advanced Import plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.4.6. This is due to the plugin using wpremoteget to fetch a user-supplied URL without validating that the URL does not point to internal or private network resources in th...
CVE-2026-4328
The WordPress Advanced Import plugin (versions ≤ 1.4.6) is vulnerable to Server-Side Request Forgery (SSRF). In demo_download_and_unzip(), the plugin passes the user-supplied demo_file from $_POST through sanitize_text_field() and then invokes wp_remote_get() when demo_file_type is 'url', without...
PT-2026-50841
Name of the Vulnerable Software and Affected Versions Advanced Import versions prior to 1.4.7 Description Server-Side Request Forgery SSRF occurs when the plugin uses the wp remote get function to fetch a user-supplied URL without validating that the destination does not point to internal or...
Malicious code in npx-whoami-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0971bcb88de070f17d932feff04cd6e66ecc825f606b412414457a3afb4ad174 The package's only code file index.js, also registered as the package's bin entry unconditionally executes require'childprocess'.execSync"bash -c...
Malicious code in friendly-greeter-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab72d8364f58d27c6ba37063af62500b494b2fcb8961c1a2b40ed1d2feabdcfe friendly-greeter-demo ships two independent remote-code-execution channels that activate automatically. postinstall.js runs on npm install and...
MAL-2026-5623 Malicious code in edu-npm-dependency-chain-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2a7d2f1e015cb530cbc560ff593abba9ecbdde04868643cc1f46c7c23b7252d The package was found to contain malicious code or consuming dependency that contains malicious code Source: ossf-package-analysis...
Malicious code in edu-npm-dependency-chain-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2a7d2f1e015cb530cbc560ff593abba9ecbdde04868643cc1f46c7c23b7252d The package was found to contain malicious code or consuming dependency that contains malicious code Source: ossf-package-analysis...