Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit - Broken Access Control

The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the installoractivateaddonplugins function and a weak nonce hash in all...

ListingPro < 2.6.1 - Arbitrary Plugin Installation/Activation/Deactivation

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lpccaddonsactions function. This makes it possible for unauthenticated attacker...

CVE-2026-49954

Discuz! X5.0 (versions 20260320–20260610) is affected by a Local File Inclusion in the enable_disable.php Plugin Directory, exploitable by authenticated administrators. The vulnerability stems from importing a crafted plugin configuration that uses path traversal in the directory attribute; an ex...

Exploit for CVE-2026-10795

CVE Lab: CVE-2026-10795 - UpdraftPlus UpdraftCentral RPC Authe...

PT-2026-49309

Discuz! X5.0 releases 20260320 through 20260501 contain a local file inclusion vulnerability that allows authenticated administrators to execute arbitrary code by importing a specially crafted plugin configuration containing path traversal sequences in the directory attribute. Attackers can trigg...

WordPress Restaurant Cafeteria theme <= 0.4.6 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability

Subscriber+ Arbitrary Plugin Installation/Activation vulnerability discovered by Khaled Alenazi Nxploited in WordPress Theme Restaurant Cafeteria versions = 0.4.6...

PT-2026-47797

📣 ADVISORY: Researcher Trung Nguyen from @CyStackSecurity discovered Zip Slip vulnerability in EMQX MQTT Broker CVE-2026-44725, High - enabling arbitrary file write on the system via plugin installation mechanism. Details: https://t.co/iN6SWM48ig EMQX IoT Vulnerability https://t.co/DcfVVoz0qQ...

CVE-2026-35479

InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, any users who have staff access permissions can install plugins via the API, without requiring "superuser" account access. This level of permission requirement is out of alignment with other plugin actions such as...

CVE-2026-5464

The ExactMetrics – Google Analytics Dashboard for WordPress Website Stats Plugin plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation in all versions up to, and including, 9.1.2. This is due to the reports page exposing the 'onboardingkey' transient to a...

CVE-2026-4326

The Vertex Addons for Elementor plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.6.4. This is due to improper authorization enforcement in the activaterequiredplugins function. Specifically, the currentusercan'installplugins' capability check does...

CVE-2025-53345 WordPress Thim Core plugin <= 2.3.3 - Arbitrary Plugin Installation vulnerability

Missing Authorization vulnerability leading to code execution after installing malicious vulnerable plugin in ThimPress Thim Core. This issue affects Thim Core: from n/a through 2.3.3...

CVE-2026-2518 FastX <= 1.0.2 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation and Activation

The FastX theme for WordPress is vulnerable to unauthorized limited plugin installation and activation due to missing capability checks on the 'ultpinstallcallback' and 'ultpactivatecallback' functions in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers...

PT-2026-42722

Name of the Vulnerable Software and Affected Versions FastX theme for WordPress versions prior to 1.0.3 Description The FastX theme for WordPress allows authenticated attackers with Subscriber-level access or higher to install and activate the PostX plugin. This is caused by missing capability...

WordPress FastX theme <= 1.0.2 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation and Activation vulnerability

Missing Authorization to Authenticated Subscriber+ Limited Plugin Installation and Activation vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Theme FastX versions = 1.0.2...

CVE-2026-44641

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.8.12, Microsoft APM normalizes marketplace plugins by copying plugin components referenced in plugin.json into .apm/. The manifest fields agents, skills, commands, and hooks are attacker-controlled, but...

Portainer missing authorization on Docker plugin endpoints, which allows host RCE

Summary Portainer enforces Role-Based Access Control RBAC on top of the Docker API. The proxy layer routes incoming Docker API requests to per-resource handlers containers, images, services, volumes, etc. that apply authorization checks. The Docker plugin management endpoints /plugins/ were not...

CVE-2026-5294

The Geeky Bot plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.2.2. This is due to a nopriv AJAX route allowing attacker-controlled model/function dispatch and reaching a plugin installer helper that downloads and unzips attacker-supplied ZIP files...

CVE-2026-5294

The Geeky Bot plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.2.2. This is due to a nopriv AJAX route allowing attacker-controlled model/function dispatch and reaching a plugin installer helper that downloads and unzips attacker-supplied ZIP files...

CVE-2026-5294 GeekyBot <= 1.2.2 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation via 'geekybot_frontendajax' AJAX Action

The Geeky Bot plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.2.2. This is due to a nopriv AJAX route allowing attacker-controlled model/function dispatch and reaching a plugin installer helper that downloads and unzips attacker-supplied ZIP files...

CVE-2026-5294

CVE-2026-5294 : The Geeky Bot plugin for WordPress, affected in versions up to 1.2.2, suffers a Missing Authorization vulnerability via a nopriv AJAX route (geekybot_frontendajax). Attacker-controlled model/function dispatch reaches a plugin installer helper that downloads and unzips attacker-sup...