19 matches found
CVE-2026-12134 JoomSport <= 5.7.8 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Creation/Modification via season_groupedit AJAX action
The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.7.8. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
EUVD-2026-41265
The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.7.8. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVE-2026-12133
The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to Missing Authorization to Arbitrary Group Deletion in versions up to, and including, 5.7.8. This is due to a missing capability check in the joomsportseasongroupdel AJAX handler, which only...
CVE-2026-39603
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through = 5.7.8...
CVE-2026-39603
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through = 5.7.8...
CVE-2026-39603 WordPress Grand Photography theme <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through = 5.7.8...
CVE-2026-39603 WordPress Grand Photography theme <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through = 5.7.8...
PT-2026-31168
CVE-2026-39603 Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photograph… https://t.co/55AZLLDkuy...
WordPress plugin Grand Photography 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000332)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000332 advisory. In the Linux kernel before 5.7.8, fs/nfsd/vfs.c in the NFS server can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka...
CVE-2025-57879
creationtimestamp| type| source ---|---|--- 2025-09-29 18:58:43+00:00| seen| Telegram/MWIZ-zk0cvRVWD5ro7tTpFIl3SdxxeIAMOKTl0SlPdv-O7U...
WordPress Shopping Cart & eCommerce Store plugin <= 5.7.8 - Missing Authorization to Order Updates vulnerability
Missing Authorization to Order Updates vulnerability discovered by Lucio Sá in WordPress Plugin WP EasyCart versions = 5.7.8...
PT-2024-24007 · Metagauss · Metagauss Profilegrid
Name of the Vulnerable Software and Affected Versions: Metagauss ProfileGrid versions through 5.7.8 Description: A Cross-Site Request Forgery CSRF issue affects the software. This type of issue allows an attacker to perform unintended actions on a user's account. Recommendations: For versions...
CVE-2024-30491
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8...
PT-2024-23417 · Metagauss · Metagauss Profilegrid
Name of the Vulnerable Software and Affected Versions: Metagauss ProfileGrid versions through 5.7.8 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting...
CVE-2023-0977
A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...
PT-2022-24471 · Trellix · Trellix Agent
Name of the Vulnerable Software and Affected Versions: Trellix Agent TA for Windows versions prior to 5.7.8 Description: An uncontrolled search path vulnerability exists in Trellix Agent TA for Windows. This allows an attacker with admin access to elevate their privileges to System by placing a...
animl (>=1.1.2 <=1.1.4), audio-classification-models (=1.0.1) +7 more potentially affected by CVE-2022-23578 via tensorflow-gpu (>=2.6.0 <=2.6.2)
tensorflow-gpu PYPI version =2.6.0, =1.1.2, =0.1.5, =0.1.0, =0.9.0, =1.0.5, =1.0.6 Source cves: CVE-2022-23578 Source advisory: OSV:PYSEC-2022-142...
PT-2019-12060 · Project Jupyter +2 · Jupyter Notebook +2
Name of the Vulnerable Software and Affected Versions: Jupyter Notebook versions prior to 5.7.8 Description: The issue is related to an open redirect that can occur due to an empty netloc. This problem exists because of an incomplete fix for a previously identified issue. Recommendations: For...