CVE-2025-70046

An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master...

CVE-2025-70046

Technical details regarding CVE-2025-70046 are not publicly provided in the supplied connected documents. The records consistently reference CWE-829 and Miazzy oa-front-service master without specifics on affected components, versions, or mitigations.

EUVD-2026-9785

Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through = 1.7.1049...

EUVD-2026-9645

Guessable CAPTCHA vulnerability in jp-secure SiteGuard WP Plugin siteguard allows Functionality Bypass.This issue affects SiteGuard WP Plugin: from n/a through = 1.7.9...

CVE-2026-27411

Guessable CAPTCHA vulnerability in jp-secure SiteGuard WP Plugin siteguard allows Functionality Bypass.This issue affects SiteGuard WP Plugin: from n/a through = 1.7.9...

CVE-2026-28135

Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through = 1.7.1049...

CVE-2026-28135

The CVE refers to WP Royal Elementor Addons (royal-elementor-addons) with versions up to 1.7.1052/1051 affected. Reported as an inclusion of functionality from an untrusted control sphere, which enables Accessing Functionality Not Properly Constrained by ACLs. Public sources (NVD, Red Hat, CVE li...

CVE-2026-28104

Missing Authorization vulnerability in Aryan Shirani Bid Abadi Site Suggest site-suggest allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Site Suggest: from n/a through = 1.3.9...

CVE-2026-27411

Guessable CAPTCHA vulnerability in jp-secure SiteGuard WP Plugin siteguard allows Functionality Bypass.This issue affects SiteGuard WP Plugin: from n/a through = 1.7.9...

CVE-2026-27411

CVE-2026-27411: Guessable CAPTCHA in SiteGuard WP Plugin (

PT-2026-23405

Name of the Vulnerable Software and Affected Versions WP Royal Royal Elementor Addons versions through 1.7.1049 Description The software contains a flaw related to the inclusion of functionality from an untrusted control sphere, potentially allowing access to functionality not properly constraine...

PT-2026-23266

Guessable CAPTCHA vulnerability in jp-secure SiteGuard WP Plugin siteguard allows Functionality Bypass.This issue affects SiteGuard WP Plugin: from n/a through = 1.7.9...

CVE-2026-20106

A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of...

CVE-2026-20106

A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the notifier functionality. An attacker can enumerate internal services by supplying arbitrary URLs, causing the application to send HTTP POST requests and observing UI behavior differences based on...

PT-2026-22983

A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of...

PT-2026-22541

Name of the Vulnerable Software and Affected Versions itsourcecode Society Management System version 1.0 Description A weakness exists in an unknown functionality of the file /admin/check studid.php. Manipulation of the student id argument can lead to SQL injection. The attack can be launched...

UBUNTU-CVE-2026-24351

PluXml CMS is vulnerable to Stored XSS in Static Pages editing functionality. Attacker with editing privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. The vendor was notified early about this vulnerability, but didn't respond with...

CVE-2026-24351

PluXml CMS is affected by CVE-2026-24351 (Stored XSS in Static Pages editing). An attacker with editing privileges can inject arbitrary HTML/JS that is rendered when visiting the edited page. Vulnerable confirmed in versions 5.8.21 and 5.9.0-rc7; other versions were not tested and might also be v...

CVE-2026-24351

PluXml CMS is vulnerable to Stored XSS in Static Pages editing functionality. Attacker with editing privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. The vendor was notified early about this vulnerability, but didn't respond with...