Lucene search
K

15 matches found

NVD
NVD
added 4 days ago6 views

CVE-2026-61456

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...

5.1CVSS0.00141EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42905

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...

5.1CVSS6.2AI score0.00141EPSS
Exploits0References2
NVD
NVD
added 6 days ago7 views

CVE-2026-58654

The Grav API plugin getgrav/grav-plugin-api 1.0.0 contains an unrestricted file upload vulnerability in the avatar upload endpoint /api/v1/users/user/avatar. The endpoint validates only the client-declared MIME type getClientMediaType beginning with 'image/' and does not inspect the actual file...

5.3CVSS0.00261EPSS
Exploits0References2
NVD
NVD
added 6 days ago8 views

CVE-2026-58656

Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-Allow-Origin: , allowing unauthenticated attackers to make fully authenticated cross-origin API requests from any malicious website. Attackers who obtain a leaked JWT token...

8.7CVSS0.00271EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-58656 Grav API Plugin - Cross-Origin Admin Account Takeover via CORS Wildcard and JWT Query Parameter

Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-Allow-Origin: , allowing unauthenticated attackers to make fully authenticated cross-origin API requests from any malicious website. Attackers who obtain a leaked JWT token...

8.7CVSS0.00271EPSS
Exploits0References2
CVE
CVE
added 6 days ago21 views

CVE-2026-58656

Grav API plugin before v1.0.0-rc.16: accepts JWT tokens via the ?token= URL query parameter and replies with Access-Control-Allow-Origin: *, enabling unauthenticated cross-origin API requests. This can allow attackers who obtain a leaked JWT from logs/history to create persistent backdoor super-a...

8.7CVSS6AI score0.00271EPSS
Exploits0References2
CVE
CVE
added 6 days ago9 views

CVE-2026-58654

The Grav API plugin (getgrav/grav-plugin-api) 1.0.0 suffers an unrestricted file upload in /api/v1/users/user/avatar: it validates only the client-declared MIME type and allows arbitrary content to be stored under user/accounts/avatars/ with predictable filenames. Although direct HTTP access is b...

5.3CVSS6.7AI score0.00261EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42265

The Grav API plugin getgrav/grav-plugin-api 1.0.0 contains an unrestricted file upload vulnerability in the avatar upload endpoint /api/v1/users/user/avatar. The endpoint validates only the client-declared MIME type getClientMediaType beginning with 'image/' and does not inspect the actual file...

5.3CVSS6.7AI score0.00261EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.13 views

CVE-2026-42843

Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct object reference and logic flaw in the Grav API plugin UsersController::update allows any...

8.8CVSS5.5AI score0.0035EPSS
Exploits1References1
NVD
NVD
added 2026/05/11 5:16 p.m.32 views

CVE-2026-42843

Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct object reference and logic flaw in the Grav API plugin UsersController::update allows any...

8.8CVSS0.0035EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/11 3:54 p.m.12 views

CVE-2026-42843 grav-plugin-api: Grav API Privilege Escalation to Super Admin

Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct object reference and logic flaw in the Grav API plugin UsersController::update allows any...

8.8CVSS5.8AI score0.0035EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/11 3:54 p.m.6 views

CVE-2026-42843

Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct object reference and logic flaw in the Grav API plugin UsersController::update allows any...

8.8CVSS5.8AI score0.0035EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/05/11 3:54 p.m.21 views

CVE-2026-42843

The CVE-2026-42843 entry concerns Grav API Plugin for Grav CMS. It describes an insecure direct object reference and logic flaw in UsersController::update that lets any authenticated API user with api.access modify their own permission configuration, potentially escalating to Super Administrator ...

8.8CVSS5.8AI score0.0035EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/11 3:54 p.m.39 views

CVE-2026-42843 grav-plugin-api: Grav API Privilege Escalation to Super Admin

Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct object reference and logic flaw in the Grav API plugin UsersController::update allows any...

8.8CVSS0.0035EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/05/05 9:20 p.m.12 views

Grav API Privilege Escalation to Super Admin

Summary An insecure direct object reference and logic flaw in the Grav API plugin UsersController::update allows any authenticated user with basic API access api.access to modify their own permission configuration. An attacker can exploit this to escalate their privileges to Super Administrator...

8.8CVSS5.9AI score0.0035EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder