Lucene search
K

4 matches found

EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43156

The WCFM – Frontend Manager for WooCommerce plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.7.27. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attacker...

5.3CVSS6.2AI score0.00361EPSS
Exploits0References12
CVE
CVE
added 2026/05/29 1:7 p.m.25 views

CVE-2026-45620

Technical details for CVE-2026-45620 are not publicly available in the provided connected documents. Monitor for updates.

5.3CVSS5.8AI score0.0027EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/18 1:30 p.m.8 views

GHSA-VPFX-PXQW-2W79 AVideo CVE-2026-43881 incomplete fix - `objects/mention.json.php:17` is an unauthenticated user enumeration sibling that survives `d9cdc7024`

CVE-2026-43881 fix d9cdc7024 patched users.json.php only. The same anti-pattern survives at master HEAD in: objects/mention.json.php:17 $ignoreAdmin = true; objects/mention.json.php:18 $users = User::getAllUsers$ignoreAdmin, 'name', 'email', 'user', 'channelName', 'a'; No User::loginCheck, no adm...

5.3CVSS5.8AI score0.00193EPSS
Exploits0References4
OSV
OSV
added 2024/03/13 4:15 p.m.3 views

CVE-2024-1176

The HT Easy GA4 – Google Analytics WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the login function in all versions up to, and including, 1.1.5. This makes it possible for unauthenticated attackers to update the email...

5.3CVSS7.3AI score0.00611EPSS
Exploits0References2
Rows per page
Query Builder