Lucene search
K

19 matches found

Cvelist
Cvelist
added 6 days ago39 views

CVE-2026-12134 JoomSport <= 5.7.8 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Creation/Modification via season_groupedit AJAX action

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.7.8. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00232EPSS
Exploits0References8
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-41265

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.7.8. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS5.9AI score0.00232EPSS
Exploits0References8
NVD
NVD
added 2026/07/01 5:16 a.m.7 views

CVE-2026-12133

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to Missing Authorization to Arbitrary Group Deletion in versions up to, and including, 5.7.8. This is due to a missing capability check in the joomsportseasongroupdel AJAX handler, which only...

4.3CVSS0.0025EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/04/10 7:23 p.m.3 views

CVE-2026-39603

Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through = 5.7.8...

5.4CVSS5.8AI score0.00104EPSS
Exploits0References1
NVD
NVD
added 2026/04/08 9:16 a.m.6 views

CVE-2026-39603

Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through = 5.7.8...

5.4CVSS0.00104EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39603 WordPress Grand Photography theme <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through = 5.7.8...

5.8AI score0.00104EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.21 views

CVE-2026-39603 WordPress Grand Photography theme <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through = 5.7.8...

5.4CVSS0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.6 views

PT-2026-31168

CVE-2026-39603 Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photograph… https://t.co/55AZLLDkuy...

5.4CVSS5.8AI score0.00104EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

WordPress plugin Grand Photography 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.4CVSS5.7AI score0.00104EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000332)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000332 advisory. In the Linux kernel before 5.7.8, fs/nfsd/vfs.c in the NFS server can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka...

7.1CVSS6.4AI score0.00361EPSS
Exploits0References4
Circl
Circl
added 2025/09/29 6:58 p.m.5 views

CVE-2025-57879

creationtimestamp| type| source ---|---|--- 2025-09-29 18:58:43+00:00| seen| Telegram/MWIZ-zk0cvRVWD5ro7tTpFIl3SdxxeIAMOKTl0SlPdv-O7U...

6.1CVSS4.8AI score0.0023EPSS
Exploits0
Patchstack
Patchstack
added 2025/01/07 11:23 p.m.7 views

WordPress Shopping Cart & eCommerce Store plugin <= 5.7.8 - Missing Authorization to Order Updates vulnerability

Missing Authorization to Order Updates vulnerability discovered by Lucio Sá in WordPress Plugin WP EasyCart versions = 5.7.8...

5.3CVSS7AI score0.00333EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/12 12:0 a.m.4 views

PT-2024-24007 · Metagauss · Metagauss Profilegrid

Name of the Vulnerable Software and Affected Versions: Metagauss ProfileGrid versions through 5.7.8 Description: A Cross-Site Request Forgery CSRF issue affects the software. This type of issue allows an attacker to perform unintended actions on a user's account. Recommendations: For versions...

8.8CVSS7.1AI score0.00227EPSS
Exploits0References3
OSV
OSV
added 2024/03/29 2:15 p.m.6 views

CVE-2024-30491

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8...

8.8CVSS5.8AI score0.32049EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/29 12:0 a.m.8 views

PT-2024-23417 · Metagauss · Metagauss Profilegrid

Name of the Vulnerable Software and Affected Versions: Metagauss ProfileGrid versions through 5.7.8 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting...

8.8CVSS9.7AI score0.32049EPSS
Exploits0References5
OSV
OSV
added 2023/04/03 4:15 p.m.4 views

CVE-2023-0977

A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...

6.5CVSS5.7AI score0.00535EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/30 12:0 a.m.5 views

PT-2022-24471 · Trellix · Trellix Agent

Name of the Vulnerable Software and Affected Versions: Trellix Agent TA for Windows versions prior to 5.7.8 Description: An uncontrolled search path vulnerability exists in Trellix Agent TA for Windows. This allows an attacker with admin access to elevate their privileges to System by placing a...

6.7CVSS6.4AI score0.00202EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2022/02/04 11:15 p.m.7 views

animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-23578 via tensorflow-gpu (>=2.6.0 <=2.6.2)

tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-23578 Source advisory: OSV:PYSEC-2022-142...

4.3CVSS5.8AI score0.00716EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.3 views

PT-2019-12060 · Project Jupyter +2 · Jupyter Notebook +2

Name of the Vulnerable Software and Affected Versions: Jupyter Notebook versions prior to 5.7.8 Description: The issue is related to an open redirect that can occur due to an empty netloc. This problem exists because of an incomplete fix for a previously identified issue. Recommendations: For...

7.5CVSS6AI score0.01741EPSS
Exploits1References37
Rows per page
Query Builder