EUVD-2026-14743

The JetEngine plugin for WordPress is vulnerable to SQL Injection via the listingloadmore AJAX action in all versions up to, and including, 3.8.6.1. This is due to the filteredquery parameter being excluded from the HMAC signature validation allowing attacker-controlled input to bypass security...

CVE-2026-4662

The JetEngine plugin for WordPress is vulnerable to SQL Injection via the listingloadmore AJAX action in all versions up to, and including, 3.8.6.1. This is due to the filteredquery parameter being excluded from the HMAC signature validation allowing attacker-controlled input to bypass security...

WordPress plugin JetEngine SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

CVE-2026-33143

OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the WhatsApp POST webhook handler /notification/whatsapp/webhook processes incoming status update events without verifying the Meta/WhatsApp X-Hub-Signature-256 HMAC signature, allowing any...

CVE-2026-22202

wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability that allows attackers to delete all comments associated with an email address by crafting a malicious GET request with a valid HMAC key. Attackers can embed the deletecomments action URL in image tags or other resources to...

CVE-2026-31889 Shopware has a potential take over of app credentials

Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based...

CVE-2026-30223 OliveTin: JWT Audience Validation Bypass in Local Key and HMAC Modes

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, when JWT authentication is configured using either "authJwtPubKeyPath" local RSA public key or "authJwtHmacSecret" HMAC secret, the configured audience value authJwtAud is not enforced during toke...

CVE-2026-30223 OliveTin: JWT Audience Validation Bypass in Local Key and HMAC Modes

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, when JWT authentication is configured using either "authJwtPubKeyPath" local RSA public key or "authJwtHmacSecret" HMAC secret, the configured audience value authJwtAud is not enforced during toke...

User Impersonation

Overview Affected versions of this package are vulnerable to User Impersonation in the authentication process when JWT tokens are parsed without enforcing the audience claim in certain configurations. An attacker can gain unauthorized access by presenting a validly signed JWT token with an...

OliveTin has JWT Audience Validation Bypass in Local Key and HMAC Modes

Summary When JWT authentication is configured using either: - authJwtPubKeyPath local RSA public key, or - authJwtHmacSecret HMAC secret, the configured audience value authJwtAud is not enforced during token parsing. As a result, validly signed JWT tokens with an incorrect aud claim are accepted...

GHSA-G962-2J28-3CG9 OliveTin has JWT Audience Validation Bypass in Local Key and HMAC Modes

Summary When JWT authentication is configured using either: - authJwtPubKeyPath local RSA public key, or - authJwtHmacSecret HMAC secret, the configured audience value authJwtAud is not enforced during token parsing. As a result, validly signed JWT tokens with an incorrect aud claim are accepted...

PT-2026-23613

Name of the Vulnerable Software and Affected Versions OliveTin versions prior to 3000.11.1 Description OliveTin allows access to predefined shell commands from a web interface. When JWT authentication is configured using a local RSA public key authJwtPubKeyPath or an HMAC secret authJwtHmacSecret...

CVE-2026-26717

An issue in OpenFUN Richie LMS in src/richie/apps/courses/api.py. The application used the non-constant time == operator for HMAC signature verification in the synccourserunfromrequest function. This allows remote attackers to forge valid signatures and bypass authentication by measuring response...

CVE-2026-26717

OpenFUN Richie (LMS) is affected. The issue is in src/richie/apps/courses/api.py: sync_course_run_from_request uses a non-constant time == operator for HMAC signature verification, enabling timing-based forgery of valid signatures and authentication bypass. Documented in Red Hat/Snyk advisories w...

PT-2026-21958

Name of the Vulnerable Software and Affected Versions OpenFUN Richie LMS affected versions not specified Description The application uses a non-constant time comparison operator for HMAC signature verification within the sync course run from request function, located in...

CVE-2026-26717

An issue in OpenFUN Richie LMS in src/richie/apps/courses/api.py. The application used the non-constant time == operator for HMAC signature verification in the synccourserunfromrequest function. This allows remote attackers to forge valid signatures and bypass authentication by measuring response...

WordPress StoryChief Plugin Unauthenticated RCE

This module exploits an unauthenticated arbitrary file upload vulnerability in the StoryChief WordPress plugin use exploit/multi/http/wppluginstorycheffileupload msf exploitwppluginstorycheffileupload show targets ...targets... msf exploitwppluginstorycheffileupload set TARGET msf...

📄 WordPress StoryChief 1.0.42 Shell Upload

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in the StoryChief WordPress plugin less than or equal to 1.0.42. The plugin exposes a webhook endpoint at /wp-json/storychief/webhook which accepts a forged HMAC. Because the plugin uses an empty secret for HMA...

openSUSE 16 Security Update : openCryptoki (openSUSE-SU-2026:20233-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20233-1 advisory. Upgrade openCryptoki to 3.26 jscPED-14609 Security fixes: - CVE-2026-22791: supplying malformed compressed EC public key can lead to heap...

Security update for openCryptoki (moderate)

openSUSE security update: security update for opencryptoki ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20233-1 Rating: moderate References: bsc1256673 bsc1257116 Cross-References: CVE-2026-22791 CVE-2026-23893 CVSS scores: CVE-2026-22791 SUSE :...