Lucene search
K

1023 matches found

Nuclei
Nuclei
added 11 hours ago21 views

Responsive Pricing Table <= 5.1.12 - Cross-Site Scripting

The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'planicons' parameter in all versions up to, and including, 5.1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-lev...

6.4CVSS6.2AI score0.00598EPSS
Exploits0References3
CVE
CVE
added yesterday13 views

CVE-2026-15517

CVE-2026-15517 affects Jinher OA 1.0. The vulnerability resides in an unknown function within the file /C6/JHSoft.Web.PlanSummarize/PlanGiveOut.aspx, where manipulation of the httpOID argument enables a SQL injection. Remote exploitation is possible, and an exploit has been published. The vendor ...

7.5CVSS6.7AI score0.00254EPSS
Exploits0References5
OSV
OSV
added 2 days ago1 views

CVE-2026-56238 Capgo - Unauthenticated Information Disclosure via PostgREST global_stats Endpoint

Capgo before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST globalstats endpoint that allows unauthenticated attackers to read sensitive financial and operational metrics using only the public apikey. Remote attackers can query the /rest/v1/globalstats endpoin...

8.7CVSS6.1AI score0.00368EPSS
Exploits0References4
NVD
NVD
added 3 days ago5 views

CVE-2026-56240

Capgo before 12.128.12 contains a billing authorization bypass vulnerability in the planvalid calculation that allows organizations with exhausted or expired usage credit grants to bypass billing gates. Attackers can exploit the divergence between the plugin hot-path planvalid expression and the...

5.3CVSS0.00182EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-43169

Capgo before 12.128.12 contains a billing authorization bypass vulnerability in the planvalid calculation that allows organizations with exhausted or expired usage credit grants to bypass billing gates. Attackers can exploit the divergence between the plugin hot-path planvalid expression and the...

5.3CVSS6.1AI score0.00182EPSS
Exploits0References2
OSV
OSV
added 3 days ago3 views

CVE-2026-56240 Capgo - Billing Authorization Bypass via Exhausted Usage Credits

Capgo before 12.128.12 contains a billing authorization bypass vulnerability in the planvalid calculation that allows organizations with exhausted or expired usage credit grants to bypass billing gates. Attackers can exploit the divergence between the plugin hot-path planvalid expression and the...

5.3CVSS6.1AI score0.00182EPSS
Exploits0References4
NVD
NVD
added 4 days ago5 views

CVE-2026-56309

Capgo before 12.128.2 fails to enforce plan/quota restrictions on the /files/upload/attachments endpoint, allowing plan-blocked apps to create publicly readable R2 objects. Attackers can upload arbitrary attachments using upload-scoped API keys that bypass plan checks, persist outside normal bund...

5.4CVSS0.00259EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago12 views

EUVD-2026-42883

Capgo before 12.128.2 fails to enforce plan/quota restrictions on the /files/upload/attachments endpoint, allowing plan-blocked apps to create publicly readable R2 objects. Attackers can upload arbitrary attachments using upload-scoped API keys that bypass plan checks, persist outside normal bund...

5.4CVSS6.2AI score0.00259EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago27 views

CVE-2026-56309 Capgo - Plan Bypass via Unrestricted Attachment Upload Endpoint

Capgo before 12.128.2 fails to enforce plan/quota restrictions on the /files/upload/attachments endpoint, allowing plan-blocked apps to create publicly readable R2 objects. Attackers can upload arbitrary attachments using upload-scoped API keys that bypass plan checks, persist outside normal bund...

5.4CVSS0.00259EPSS
Exploits0References2
CVE
CVE
added 4 days ago8 views

CVE-2026-56309

Capgo before 12.128.2 fails to enforce plan/quota restrictions on the /files/upload/attachments endpoint, enabling plan-blocked apps to create publicly readable R2 objects. Attackers can upload arbitrary attachments using upload-scoped API keys that bypass plan checks, persist outside normal bund...

5.4CVSS6.2AI score0.00259EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 9:49 p.m.2 views

GHSA-473P-56XX-VG67 Kiwi TCMS vulnerable to stored XSS via JavaScript: URI in extra_link field (TestPlan & TestCase)

Summary In Kiwi TCMS the fields TestCase.extralink and TestPlan.extralink were meant to represent URLs to external resources however in versions prior to 16.1 user input was not being sanitized and values were rendered verbatim which represents an opportunity for cross-site scripting exploitation...

5.8AI score
Exploits0References4
EUVD
EUVD
added 2026/06/22 9:4 p.m.11 views

EUVD-2026-38370

Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.getcurrentplanmaxorg RPC function that allows unauthenticated attackers to retrieve arbitrary organization plan limits. Attackers can call the RPC endpoint with any organization UUID using only the public Supabase...

6.9CVSS6AI score0.00265EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 9:4 p.m.22 views

CVE-2026-56311 Capgo - Unauthenticated Cross-Tenant Disclosure via get_current_plan_max_org RPC

Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.getcurrentplanmaxorg RPC function that allows unauthenticated attackers to retrieve arbitrary organization plan limits. Attackers can call the RPC endpoint with any organization UUID using only the public Supabase...

6.9CVSS0.00265EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.12 views

PT-2026-51408

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An authorization bypass exists in the public.get current plan max org RPC function. Unauthenticated attackers can use the public Supabase key to call this endpoint with any organization UUID to...

6.9CVSS6AI score0.00265EPSS
Exploits0References5
CVE
CVE
added 2026/06/18 11:37 p.m.88 views

CVE-2026-12048

CVE-2026-12048 affects pgAdmin 4 (versions 6.0 up to 9.16). Stored XSS occurs when untrusted server-returned text is passed through html-react-parser in multiple user-facing sinks (toasts, dialogs, explain visualiser, SQL editor prompts, etc.), allowing an attacker-controlled PostgreSQL server to...

9.3CVSS5.4AI score0.0021EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/18 11:37 p.m.42 views

CVE-2026-12048 pgAdmin 4: Stored XSS via untrusted error and plan-node text rendered through html-react-parser

Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server ErrorResponse messages, including object names quoted back inside relation-does-not-exist errors and inside EXPLAIN Recheck Cond / Exact Heap Blocks fields was passed...

9.3CVSS0.0021EPSS
Exploits0References2
Schneier on Security
Schneier on Security
added 2026/06/15 11:1 a.m.21 views

The FCC Wants to Eliminate Burner Phones

A proposed FCC rule would kill burner phones: phones whose accounts are not attached to a particular person. The FCC plans to do this by legally forcing the country's telecoms to store a wealth of personal information about essentially all phone customers, including a government issued...

5.3AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/06/11 5:10 p.m.9 views

Arc: Unauthenticated access to Go debug pprof endpoints leaks runtime state and enables CPU-burn DoS

Summary Arc registers Go's net/http/pprof handlers at /debug/pprof/ via app.Usepprof.New in internal/api/server.go, and /debug/pprof is added to PublicPrefixes in cmd/arc/main.go. The auth middleware short-circuits before the token check on prefix match, so the endpoints are reachable without any...

6.1AI score0.0009EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/06/11 4:16 p.m.16 views

CVE-2026-4096

IBM DevOps Plan 3.0.0 through 3.0.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking...

6.5CVSS0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 2:44 p.m.11 views

EUVD-2026-36252

IBM DevOps Plan 3.0.0 through 3.0.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking...

6.5CVSS5.3AI score0.00149EPSS
Exploits0References1
Rows per page
Query Builder