34363 matches found
WordPress weForms plugin <= 1.6.26 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by daroo in WordPress Plugin weForms versions = 1.6.26...
CVE-2026-4647
A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...
CVE-2026-33297 AVideo has an IDOR - Any Admin Can Set Another User's Channel Password via setPassword.json.php
WWBN AVideo is an open source video platform. Prior to version 26.0, the setPassword.json.php endpoint in the CustomizeUser plugin allows administrators to set a channel password for any user. Due to a logic error in how the submitted password value is processed, any password containing non-numer...
CVE-2026-4647 Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library
A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...
CVE-2026-4647
A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...
WordPress Apicona theme <= 24.1.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Apicona versions = 24.1.0...
WordPress Meloo theme < 2.8.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Meloo versions 2.8.2...
WordPress Borgholm theme < 1.6 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Borgholm versions 1.6...
WordPress Halstein theme < 1.8 - Arbitrary Object Instantiation vulnerability
Arbitrary Object Instantiation vulnerability discovered by Denver Jackson in WordPress Theme Halstein versions 1.8...
WordPress Leroux theme < 1.4 - Arbitrary Object Instantiation vulnerability
Arbitrary Object Instantiation vulnerability discovered by Denver Jackson in WordPress Theme Leroux versions 1.4...
WordPress Archicon theme < 1.7 - Arbitrary Object Instantiation vulnerability
Arbitrary Object Instantiation vulnerability discovered by Denver Jackson in WordPress Theme Archicon versions 1.7...
WordPress Stål theme < 1.7 - Arbitrary Object Instantiation vulnerability
Arbitrary Object Instantiation vulnerability discovered by Denver Jackson in WordPress Theme Stål versions 1.7...
WordPress Kamperen theme < 1.3 - Arbitrary Object Instantiation vulnerability
Arbitrary Object Instantiation vulnerability discovered by Denver Jackson in WordPress Theme Kamperen versions 1.3...
WordPress Gracey theme < 1.4 - Arbitrary Object Instantiation vulnerability
Arbitrary Object Instantiation vulnerability discovered by Denver Jackson in WordPress Theme Gracey versions 1.4...
WordPress KIDZ theme <= 5.24 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme KIDZ versions = 5.24...
WordPress Ricky theme < 2.31 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Ricky versions 2.31...
WordPress Tasty Daily theme < 1.27 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Tasty Daily versions 1.27...
WordPress Goldish theme < 3.47 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Goldish versions 3.47...
WordPress WoodMart theme <= 8.3.8 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Phat RiO in WordPress Theme WoodMart versions = 8.3.8...
WordPress LatePoint plugin <= 5.2.6 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by daroo in WordPress Plugin LatePoint versions = 5.2.6...