CVE-2026-1004

CVE-2026-1004 affects the Essential Addons for Elementor plugin for WordPress (versions up to and including 6.5.5). The flaw, via the eael_product_quickview_popup function, allows unauthenticated attackers to exfiltrate WooCommerce product information for items with draft, pending, or private sta...

PT-2024-34395 · WordPress · The Bookster

Name of the Vulnerable Software and Affected Versions: The Bookster WordPress plugin versions prior to 1.1.1 Description: The issue allows attackers to manipulate the data sent when booking an appointment by adding sensitive parameters when validating appointments, potentially changing the status...

WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: WordPress WP Membership plugin Multiple Vulnerabilities Date: 2015/05/19 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://wpmembership.e-plugins.com/ Software Link:...

SA-CONTRIB-2014-049 - Organic Groups (OG) - Access Bypass

Organic groups OG enables users to create and manage their own 'groups'. Each group can have subscribers, and maintains a group home page where subscribers communicate amongst themselves. OG doesn't sufficiently check the permissions when a group member is pending or blocked status within the gro...

PacketFence v2.0.0 - Latest Version !

"PacketFencePacketFence is an open-source network access control NAC system which provides the following features: registration, detection of abnormal network activities, proactive vulnerability scans, isolation of problematic devices, remediation through a captive portal, 802.1X, wireless...