235 matches found
CVE-2026-3646
The CVE concerns the WordPress plugin LTL Freight Quotes – R+L Carriers Edition (versions up to and including 3.3.13). A standalone PHP webhook handler processes GET parameters without proper authentication, authorization, or nonce verification, allowing unauthenticated attackers to modify subscr...
CVE-2026-3646 LTL Freight Quotes – R+L Carriers Edition <= 3.3.13 - Missing Authorization to Unauthenticated Settings Update
The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to Missing Authorization via the plugin's webhook handler in all versions up to, and including, 3.3.13. This is due to missing authentication, authorization, and nonce verification on a standalone PHP file that...
WordPress plugin LTL Freight Quotes – R+L Carriers Edition 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress LTL Freight Quotes - R+L Carriers Edition plugin <= 3.3.13 - Missing Authorization to Unauthenticated Settings Update vulnerability
WordPress LTL Freight Quotes - R+L Carriers Edition plugin = 3.3.13 - Missing Authorization to Unauthenticated Settings Update vulnerability discovered by Poli - CMC Global in WordPress Plugin LTL Freight Quotes – R+L Carriers Edition versions = 3.3.13...
CVE-2026-34899
Missing Authorization vulnerability in Eniture technology LTL Freight Quotes – Worldwide Express Edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through 5.2.1...
CVE-2026-34899
CVE-2026-34899 relates to a Missing Authorization / Broken Access Control issue in the WordPress plugin “LTL Freight Quotes – Worldwide Express Edition.” Connected details confirm the vulnerability affects versions up to 5.2.1, described as a broken access control flaw discovered in WordPress Plu...
CVE-2026-34899 WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.2.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Eniture technology LTL Freight Quotes – Worldwide Express Edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through 5.2.1...
EUVD-2026-19592
Missing Authorization vulnerability in Eniture technology LTL Freight Quotes – Worldwide Express Edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through 5.2.1...
CVE-2026-34899 WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.2.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Eniture technology LTL Freight Quotes – Worldwide Express Edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through 5.2.1...
WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.2.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin LTL Freight Quotes – Worldwide Express Edition versions = 5.2.1...
WordPress plugin LTL Freight Quotes – Worldwide Express Edition 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-30808
Name of the Vulnerable Software and Affected Versions Eniture technology LTL Freight Quotes – Worldwide Express Edition versions through 5.2.1 Description A missing authorization issue exists in Eniture technology LTL Freight Quotes – Worldwide Express Edition due to incorrectly configured access...
CVE-2026-27111 Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints
Kargo manages and automates the promotion of software artifacts. From v1.9.0 to v1.9.2, Kargo's authorization model includes a promote verb -- a non-standard Kubernetes "dolphin verb" -- that gates the ability to advance Freight through a promotion pipeline. This verb exists to separate the abili...
Hackers commit highway robbery, stealing cargo and goods
There’s a modern-day train heist happening across America, and this time, some of the bandana-masked robbers are sitting behind screens. According to new research, a group of cybercriminals has been attacking trucking, freight, and logistics companies for months, impersonating brands and even...
Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks
Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management RMM software for financial gain and ultimately steal cargo freight. The threat cluster, believed to be active since at least June 2025 according t...
Malicious code in epic-freight (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5c5d1aa48abc62d9f210f859c6b4744f874c90a610142aae853b6eeb5aa0d09 The package epic-freight was found to contain malicious code...
EUVD-2025-37144
Malicious code in epic-freight npm...
MAL-2025-49149 Malicious code in epic-freight (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5c5d1aa48abc62d9f210f859c6b4744f874c90a610142aae853b6eeb5aa0d09 The package epic-freight was found to contain malicious code...
EUVD-2018-11038
Malware in sbrugna...
EUVD-2025-27696
Malicious code in bioql PyPI...