55 matches found
CVE-2026-14482
The 多说社会化评论框 plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2. The vulnerability exists due to a missing capability and nonce check on a directly web-accessible API endpoint, combined with a trivially forgeable HMAC-SHA1 signature keyed on an...
CVE-2026-14482
The CVE-2026-14482 entry covers the WordPress plugin “多说社会化评论框” (
CVE-2026-14482 多说社会化评论框 <= 1.2 - Unauthenticated Privilege Escalation via api.php 'option'/'value' Parameters
The 多说社会化评论框 plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2. The vulnerability exists due to a missing capability and nonce check on a directly web-accessible API endpoint, combined with a trivially forgeable HMAC-SHA1 signature keyed on an...
EUVD-2026-42162
The 多说社会化评论框 plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2. The vulnerability exists due to a missing capability and nonce check on a directly web-accessible API endpoint, combined with a trivially forgeable HMAC-SHA1 signature keyed on an...
CVE-2026-11965
The User Registration & Membership WordPress plugin before 5.2.0 does not enforce payment completion before activating a paid membership subscription, allowing unauthenticated users after self-registering an account through the open registration flow to obtain an active subscription on any paid...
EUVD-2026-41255
The User Registration & Membership WordPress plugin before 5.2.0 does not enforce payment completion before activating a paid membership subscription, allowing unauthenticated users after self-registering an account through the open registration flow to obtain an active subscription on any paid...
CVE-2026-11965 User Registration & Membership < 5.2.0 - Unauthenticated Paid Membership Bypass
The User Registration & Membership WordPress plugin before 5.2.0 does not enforce payment completion before activating a paid membership subscription, allowing unauthenticated users after self-registering an account through the open registration flow to obtain an active subscription on any paid...
CVE-2026-11965
The CVE-2026-11965 entry affects the WordPress plugin User Registration & Membership prior to version 5.2.0. The underlying issue is that the plugin does not enforce payment completion before activating a paid membership subscription, enabling unauthenticated users (after self-registering via the...
PYSEC-2026-482 PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalation
Summary The Platform server exposes resources under /api/v1/workspaces/workspaceid/... and protects them with a requireworkspacememberworkspaceid FastAPI dependency. The dependency only checks that the caller is a member of the workspaceid in the URL prefix. The route handlers then look up the...
GHSA-H8Q5-CP56-RR65 PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalation
Summary The Platform server exposes resources under /api/v1/workspaces/workspaceid/... and protects them with a requireworkspacememberworkspaceid FastAPI dependency. The dependency only checks that the caller is a member of the workspaceid in the URL prefix. The route handlers then look up the...
PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalation
Summary The Platform server exposes resources under /api/v1/workspaces/workspaceid/... and protects them with a requireworkspacememberworkspaceid FastAPI dependency. The dependency only checks that the caller is a member of the workspaceid in the URL prefix. The route handlers then look up the...
PT-2026-45061
Name of the Vulnerable Software and Affected Versions PraisonAI Platform affected versions not specified Description The server contains multiple authorization flaws. First, a cross-tenant Insecure Direct Object Reference IDOR exists because the require workspace member dependency only validates...
PT-2026-36906
Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.32 n8n versions prior to 2.17.4 n8n versions prior to 2.18.1 Description The MCP OAuth client registration endpoint accepts unauthenticated requests and stores client data without adequate resource controls. A remot...
SUSE CVE-2026-30855
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.2, an authorization bypass in tenant management endpoints of WeKnora application allows any authenticated user to read, modify, or delete any tenant by ID. Since account...
CVE-2026-30942
A flaw was found in Flare, a file sharing platform. An authenticated path traversal vulnerability exists in the /api/avatars/filename endpoint, allowing a logged-in user to read arbitrary files from the application container. This occurs because the filename parameter is not properly sanitized,...
CVE-2026-30942
Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Prior to 1.7.3, an authenticated path traversal vulnerability in /api/avatars/filename allows any logged-in user to read arbitrary files from within the application container. The filename URL...
CVE-2026-30942 Flare has a Path Traversal in /api/avatars/[filename]
Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Prior to 1.7.3, an authenticated path traversal vulnerability in /api/avatars/filename allows any logged-in user to read arbitrary files from within the application container. The filename URL...
CVE-2026-30942
Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Prior to 1.7.3, an authenticated path traversal vulnerability in /api/avatars/filename allows any logged-in user to read arbitrary files from within the application container. The filename URL...
CVE-2026-30942 Flare has a Path Traversal in /api/avatars/[filename]
Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Prior to 1.7.3, an authenticated path traversal vulnerability in /api/avatars/filename allows any logged-in user to read arbitrary files from within the application container. The filename URL...
CVE-2026-30942
Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Prior to 1.7.3, an authenticated path traversal vulnerability in /api/avatars/filename allows any logged-in user to read arbitrary files from within the application container. The filename URL...