2 matches found
CVE-2026-54759
SiYuan’s Lute HTML sanitizer (prior to version 3.7.0) fails to remove elements. When combined with the SiYuan Electron client’s permissive security configuration, a malicious in a Bazaar package README can trigger arbitrary command execution on the victim’s machine when package details are view...
WordPress SMS Alert Order Notifications – WooCommerce Plugin <= 3.6.9 is vulnerable to Cross Site Request Forgery (CSRF)
Software SMS Alert Order Notifications – WooCommerce Type Plugin Vulnerable versions = 3.6.9 Fixed in 3.7.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1489 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 78d3bccea7ab...