CVE-2026-2532 lintsinghua DeepAudit IP Address embedding_config.py server-side request forgery

A vulnerability was detected in lintsinghua DeepAudit up to 3.0.3. This issue affects some unknown processing of the file backend/app/api/v1/endpoints/embeddingconfig.py of the component IP Address Handler. Performing a manipulation results in server-side request forgery. It is possible to initia...

WordPress Membership For WooCommerce plugin <= 3.0.3 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by timomangcut in WordPress Plugin Membership For WooCommerce versions = 3.0.3...

WordPress AI Text to Speech plugin <= 3.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika in WordPress Plugin AI Text to Speech versions = 3.0.3...

PT-2023-23712 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.0.4 Discourse version 3.1.0.beta5 and earlier in the beta and tests-passed branches Description: Discourse is an open source discussion platform. Multiple duplicate topics could be created if topic embedding is...