CVE-2026-40728

Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Blocks: from n/a through = 1.8.3...

WordPress Metro Magazine theme <= 1.4.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Theme Metro Magazine versions = 1.4.1...

EUVD-2026-22883

Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Blocks: from n/a through = 1.8.3...

CVE-2026-40728

Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Blocks: from n/a through = 1.8.3...

CVE-2026-40728 WordPress Magazine Blocks plugin <= 1.8.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Blocks: from n/a through = 1.8.3...

CVE-2026-40728 WordPress Magazine Blocks plugin <= 1.8.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Blocks: from n/a through = 1.8.3...

CVE-2026-40728

Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Blocks: from n/a through = 1.8.3...

CVE-2026-40728

The CVE-2026-40728 entry documents a Missing Authorization vulnerability in the WordPress Magazine Blocks plugin (BlockArt magazine-blocks) affecting versions up to 1.8.3. The issue arises from incorrectly configured access control security levels, enabling exploitation due to insufficient author...

WordPress plugin Magazine Blocks 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

PT-2026-33039

Name of the Vulnerable Software and Affected Versions Magazine Blocks versions prior to 1.8.4 Description BlockArt Magazine Blocks contains a missing authorization flaw that allows the exploitation of incorrectly configured access control security levels. Recommendations Update to a version later...

WordPress Post Blocks & Tools plugin <= 1.3.0 - Authenticated (Author+) Stored Cross-Site Scripting via 'sliderStyle' Block Attribute vulnerability

Authenticated Author+ Stored Cross-Site Scripting via 'sliderStyle' Block Attribute vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Magazine Companion versions = 1.3.0...

CVE-2026-39635

Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.This issue affects Grand Magazine: from n/a through = 3.5.5...

EUVD-2026-20290

Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.This issue affects Grand Magazine: from n/a through = 3.5.5...

CVE-2026-39635

Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.This issue affects Grand Magazine: from n/a through = 3.5.5...

CVE-2026-39635 WordPress Grand Magazine theme <= 3.5.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.This issue affects Grand Magazine: from n/a through = 3.5.5...

CVE-2026-39635

ThemeGoods Grand Magazine grandmagazine (WordPress) is affected by a CSRF vulnerability in versions ≤ 3.5.5 (CVE-2026-39635). The issue, documented across multiple feeds (NVD/Red Hat/EUVD), states CSRF risk with a CVSS v3.1 base score of 5.4 (Medium). The root cause is not explicitly detailed in ...

CVE-2026-39635 WordPress Grand Magazine theme <= 3.5.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.This issue affects Grand Magazine: from n/a through = 3.5.5...

WordPress plugin Grand Magazine 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-31200

CVE-2026-39635 Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.This issue affects Grand Magazine: from n… https://t.co/Ny5L3LPBsh...

CVE-2026-24382

Missing Authorization vulnerability in wproyal News Magazine X news-magazine-x allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Magazine X: from n/a through = 1.2.50...