7 matches found
CVE-2026-1994 s2Member <= 260127 - Unauthenticated Privilege Escalation via Account Takeover
The s2Member plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 260127. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
CVE-2026-0998
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 and Mattermost Plugin Zoom versions =1.11.0 fail to validate user identity and post ownership in the /api/v1/askPMI endpoint which allows unauthorized users to start Zoom meetings as any user and overwrite arbitrary posts via...
EUVD-2025-25451
Malicious code in bioql PyPI...
CVE-2025-52395
CVE-2025-52395 affects Roadcute API v1. The vulnerability arises from an insecure password-reset endpoint that fails to validate the requester’s identity, enabling a remote attacker to execute arbitrary code. The issue is rated CVSS v3.1: 9.8 (CRITICAL) with network attack, no privileges required...
WordPress plugin WPBookit 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-11284
The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.9. This is due to the plugin not properly validating a user's identity prior to updating their password through the accountsettingssavecallback function. This mak...
JetBrains TeamCity 授权问题漏洞
JetBrains TeamCity is a distributed build management and continuous integration tool from JetBrains Czech Republic. A security vulnerability exists in JetBrains TeamCity, which stems from the product's failure to validate user identities. An unauthenticated attacker could use the vulnerability to...