97 matches found

Vulnrichment
added 2026/05/27 5:31 a.m., 5 views

CVE-2026-8787 Firebase Support & Chat Management <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.1.1. This is due to the firebaseauth function authenticating the request as the WordPress user whose email is supplied in the useremail POST parameter without...

CVSS 8.8 | AI score 6 | EPSS 0.00047
Exploits 0 | References 5
Vulnrichment
added 2026/05/20 2:22 p.m., 4 views

CVE-2026-9084 MISP OIDC authentication bypass via automatic email-based account linking under insecure IdP configurations

MISP’s OIDC authentication plugin allowed automatic linking of an OIDC identity to an existing local user account based on the email claim when the local account had no stored sub value. Under insecure or untrusted IdP configurations where email ownership is not enforced, an attacker with a valid...

CVSS 6 | AI score 5.8 | EPSS 0.0003
Exploits 0 | References 1
NVD
added 2026/04/10 7:16 p.m., 1 views

CVE-2026-33707

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, the default password reset mechanism generates tokens using sha1$email with no random component, no expiration, and no rate limiting. An attacker who knows a user's email can compute the reset token and change the...

CVSS 9.8 | EPSS 0.00121
Exploits 0 | References 3
ATTACKERKB
added 2026/04/10 6:52 p.m., 1 views

CVE-2026-33707

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, the default password reset mechanism generates tokens using sha1$email with no random component, no expiration, and no rate limiting. An attacker who knows a user's email can compute the reset token and change the...

CVSS 9.4 | AI score 5.8 | EPSS 0.00121
Exploits 0 | References 4 | Affected Software 1
CNNVD
added 2026/04/10 12:00 a.m., 2 views

Chamilo LMS authorization vulnerability

Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS prior to 1.11.38 and 2.0.0-RC.3 contained vulnerabilities related to authorization. Thes...

CVSS 9.8 | AI score 5.9 | EPSS 0.00121
Exploits 0 | References 3
NVD
added 2026/04/01 8:16 p.m., 0 views

CVE-2026-34456

Reviactyl is an open-source game server management panel built using Laravel, React, FilamentPHP, Vite, and Go. From version 26.2.0-beta.1 to before version 26.2.0-beta.5, a vulnerability in the OAuth authentication flow allowed automatic linking of social accounts based solely on matching email...

CVSS 9.8 | EPSS 0.00035
Exploits 0 | References 3
EUVD
added 2026/04/01 8:00 p.m., 4 views

EUVD-2026-18009

Reviactyl is an open-source game server management panel built using Laravel, React, FilamentPHP, Vite, and Go. From version 26.2.0-beta.1 to before version 26.2.0-beta.5, a vulnerability in the OAuth authentication flow allowed automatic linking of social accounts based solely on matching email...

CVSS 9.1 | AI score 5.8 | EPSS 0.00035
Exploits 0 | References 3
Cvelist
added 2026/04/01 8:00 p.m., 22 views

CVE-2026-34456 Reviactyl: OAuth account takeover via auto-linking

Reviactyl is an open-source game server management panel built using Laravel, React, FilamentPHP, Vite, and Go. From version 26.2.0-beta.1 to before version 26.2.0-beta.5, a vulnerability in the OAuth authentication flow allowed automatic linking of social accounts based solely on matching email...

CVSS 9.1 | EPSS 0.00035
Exploits 0 | References 3
CNNVD
added 2026/04/01 12:00 a.m., 1 views

Reviactyl access control error vulnerability

Reviactyl is an open-source game server management panel developed by Reviactyl. Versions of Reviactyl prior to 26.2.0-beta.1 and 26.2.0-beta.5 contained an access control vulnerability. This vulnerability stemmed from a flaw in the OAuth authentication process, which automatically linked social...

CVSS 9.8 | AI score 5.8 | EPSS 0.00035
Exploits 0 | References 3
EUVD
added 2026/03/19 6:31 p.m., 2 views

EUVD-2026-13122

OPEXUS eComplaint and eCASE before version 10.1.0.0 include the secret verification code in the HTTP response when requesting a password reset via 'ForcePasswordReset.aspx'. An attacker who knows an existing user's email address can reset the user's password and security questions. Existing...

CVSS 9.8 | AI score 5.9 | EPSS 0.00062
Exploits 0 | References 3
CNNVD
added 2026/03/17 12:00 a.m., 2 views

TYPO3 E-Mail MFA Provider security vulnerability

The TYPO3 E-Mail MFA Provider is an extension developed by Ralf Freit, which implements multi-factor authentication based on email. There is a security vulnerability in the TYPO3 E-Mail MFA Provider. This vulnerability stems from the fact that the extension fails to properly reset the generated M...

CVSS 8.8 | AI score 5.8 | EPSS 0.00105
Exploits 0 | References 2
CVE
added 2026/03/13 1:18 a.m., 3 views

CVE-2026-22202

wpDiscuz before 7.6.47 is affected by a cross-site request forgery that lets an attacker delete all comments for a target email by triggering a crafted GET request containing a valid HMAC key. The attacker can embed the deletecomments action URL in image tags or other resources to cause permanent...

CVSS 8.1 | AI score 5.7 | EPSS 0.00026
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2026/03/13 1:18 a.m., 24 views

CVE-2026-22202 wpDiscuz before 7.6.47 - Destructive GET Action Deletes All Comments by Email

wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability that allows attackers to delete all comments associated with an email address by crafting a malicious GET request with a valid HMAC key. Attackers can embed the deletecomments action URL in image tags or other resources to...

CVSS 8.1 | EPSS 0.00026
Exploits 0 | References 3
RedhatCVE
added 2026/03/06 7:54 a.m., 3 views

CVE-2026-2418

The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to login through Salesforce, allowing unauthenticated users to be authenticated as any user such as admin by simply knowing the email...

CVSS 9.1 | AI score 5.8 | EPSS 0.00108
Exploits 0 | References 1
EUVD
added 2026/03/05 6:30 a.m., 1 views

EUVD-2026-9599

The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to login through Salesforce, allowing unauthenticated users to be authenticated as any user such as admin by simply knowing the email...

AI score 5.9 | EPSS 0.00108
Exploits 0 | References 2
NVD
added 2026/03/05 6:16 a.m., 2 views

CVE-2026-2418

The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to login through Salesforce, allowing unauthenticated users to be authenticated as any user such as admin by simply knowing the email...

CVSS 9.1 | EPSS 0.00108
Exploits 0 | References 1
ATTACKERKB
added 2026/03/05 6:00 a.m., 2 views

CVE-2026-2418

The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to login through Salesforce, allowing unauthenticated users to be authenticated as any user such as admin by simply knowing the email...

AI score 5.9 | EPSS 0.00108
Exploits 0 | References 1
GithubExploit
added 2026/01/02 5:29 p.m., 163 views

Exploit for Improper Authentication in Prestashop Prestashop_Checkout

CVE-2025-61922 Exploit: PrestaShop Checkout Account Takeover...

CVSS 9.1 | AI score 7 | EPSS 0.00019
Exploits 1
RedhatCVE
added 2026/01/02 6:08 a.m., 5 views

CVE-2025-13820

The Comments WordPress plugin before 7.6.40 does not properly validate user's identity when using the disqus.com provider, allowing an attacker to log in to any user when knowing their email address when such user does not have an account on disqus.com yet...

CVSS 5.3 | AI score 6.7 | EPSS 0.00035
Exploits 0 | References 1
Cvelist
added 2026/01/01 6:00 a.m., 20 views

CVE-2025-13820 Comments – wpDiscuz < 7.6.40 - Unauthenticated Account Takeover

The Comments WordPress plugin before 7.6.40 does not properly validate user's identity when using the disqus.com provider, allowing an attacker to log in to any user when knowing their email address when such user does not have an account on disqus.com yet...

EPSS 0.00035
Exploits 0 | References 1