2 matches found
CVE-2026-32246
Tinyauth is an authentication and authorization server. Prior to 5.0.3, the OIDC authorization endpoint allows users with a TOTP-pending session password verified, TOTP not yet completed to obtain authorization codes. An attacker who knows a user's password but not their TOTP secret can obtain...
WordPress Survey Maker Plugin <= 5.0.2 is vulnerable to Cross Site Scripting (XSS)
Software Survey Maker Type Plugin Vulnerable versions = 5.0.2 Fixed in 5.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50426 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 335af01ef67c Credits Marek Mikita Required privilege...