6007 matches found
GHSA-5VG9-5847-VVMQ
creationtimestamp| type| source ---|---|--- 2026-06-04 11:22:13+00:00| seen| https://bsky.app/profile/happytodev.bsky.social/post/3mnhj2p5whs2k 2026-06-04 11:22:13+00:00| seen| https://bsky.app/profile/happytodev.bsky.social/post/3mnhj2mjuzc2k 2026-06-04 11:22:14+00:00| seen|...
CVE-2026-41859
creationtimestamp| type| source ---|---|--- 2026-06-04 05:01:12+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mngtrfyvy622 2026-06-04 07:23:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnh3pdmm2g26...
CVE-2026-41010
creationtimestamp| type| source ---|---|--- 2026-06-04 05:01:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mngtr6jzac2d 2026-06-04 07:48:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnh544edlf26...
Likes and Dislikes Plugin <= 1.0.0 - Unauthenticated SQL Injection
The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injection via the 'post' parameter in all versions up to, and including, 1.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...
WordPress Simple Job Board - Unauthorized Data Access
The Simple Job Board plugin for WordPress is vulnerable to unauthorized data access due to insufficient authorization checking in the fetchquickjob function in all versions up to and including 2.10.8. This makes it possible for unauthenticated attackers to fetch arbitrary posts, which can be...
CVE-2026-41860
creationtimestamp| type| source ---|---|--- 2026-06-04 03:20:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mngo5dkpkj2f 2026-06-04 04:00:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mngqeycd7q2k 2026-06-04 09:07:08+00:00| seen|...
CVE-2026-10737
creationtimestamp| type| source ---|---|--- 2026-06-04 03:00:37+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mngmztd3wh22 2026-06-04 06:49:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mngzsdlxk324...
CVE-2026-41011
creationtimestamp| type| source ---|---|--- 2026-06-04 03:00:27+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mngmzjmk3y2q 2026-06-04 03:00:36+00:00| seen| https://infosec.exchange/users/offseq/statuses/116689602129166209 2026-06-04 03:19:28+00:00| seen|...
CVE-2026-10777
creationtimestamp| type| source ---|---|--- 2026-06-04 01:11:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnggx2rp4b2g 2026-06-04 02:57:38+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mngmuf4q332f...
CVE-2026-8722
creationtimestamp| type| source ---|---|--- 2026-06-04 01:06:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnggo4dgrl23 2026-06-04 01:20:24+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mnghgns3a62j...
CVE-2026-22055
creationtimestamp| type| source ---|---|--- 2026-06-04 00:43:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mngfeufi7727 2026-06-04 13:20:25+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnhpo4vr3n2o...
WordPress <= 5.2.4 - Unauthenticated View Private/Draft Posts
WordPress before 5.2.4 contains an information disclosure caused by mishandling of the static query property, letting unauthenticated users view certain content, exploit requires no authentication. id: CVE-2019-17671 info: name: WordPress = 5.2.4 - Unauthenticated View Private/Draft Posts author:...
CVE-2025-14771
creationtimestamp| type| source ---|---|--- 2026-06-03 06:01:01+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/control-systems-abb-security-advisory-av26-545 2026-06-03 11:29:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mneyz2dgnr2o 2026-06-03 14:01:41+00:00| seen|...
CVE-2026-42849
creationtimestamp| type| source ---|---|--- 2026-06-02 23:00:31+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mndp5kqcsp2u 2026-06-02 23:24:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndqhq2vdf2r...
CVE-2026-5076
creationtimestamp| type| source ---|---|--- 2026-06-02 20:57:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndibeexqb2m 2026-06-02 21:00:39+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mndih7w5ct25 2026-06-03 02:06:19+00:00| seen|...
CVE-2026-40571
NamelessMC is website software for Minecraft servers. In version 2.2.4, core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. This means that authenticated low-privileged users can add reactions to private...
CVE-2026-35447
NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page modules/Core/pages/profile.php processes wall post submissions and replies before verifying whether the viewer is authorized to access the profile. This allows any user with the profile.post permission to wri...
CVE-2026-40314
NamelessMC is website software for Minecraft servers. In version 2.2.4,core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. modules/Core/queries/reactions.php allows unauthenticated GET requests for...
CVE-2026-40571 NamelessMC: Reactions on private or blocking profile posts can be modified without proper authorization
NamelessMC is website software for Minecraft servers. In version 2.2.4, core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. This means that authenticated low-privileged users can add reactions to private...
EUVD-2026-33983
NamelessMC is website software for Minecraft servers. In version 2.2.4, core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. This means that authenticated low-privileged users can add reactions to private...