6150 matches found
CVE-2026-9228
The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.16 via the actiongeteventdata due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2026-9228
The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.16 via the actiongeteventdata due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
EUVD-2026-32705
The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.16 via the actiongeteventdata due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2026-9228 Timetable and Event Schedule by MotoPress <= 2.4.16 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure via action_get_event_data Function
The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.16 via the actiongeteventdata due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2026-9228
The Timetable and Event Schedule by MotoPress plugin for WordPress (MP Timetable) is affected by an Insecure Direct Object Reference vulnerability (CVE-2026-9228) in all versions up to 2.4.16. The root cause is missing validation on a user-controlled key in the action_get_event_data endpoint, ena...
CVE-2026-9228 Timetable and Event Schedule by MotoPress <= 2.4.16 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure via action_get_event_data Function
The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.16 via the actiongeteventdata due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
PT-2026-44180
The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.16 via the action get event data due to missing validation on a user controlled key. This makes it possible for authenticated attackers,...
WordPress plugin Timetable and Event Schedule by MotoPress 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CVE-2026-45083
creationtimestamp| type| source ---|---|--- 2026-05-27 23:01:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmumewrcwo2c 2026-05-27 23:38:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmuohtjb252p...
CVE-2026-44712
creationtimestamp| type| source ---|---|--- 2026-05-27 22:01:13+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmuizvc4qx2e 2026-05-27 23:01:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmumfptprr2q...
CVE-2026-48152
creationtimestamp| type| source ---|---|--- 2026-05-27 19:01:52+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu6zccumf2t 2026-05-27 20:06:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmucmavj2g2i...
CVE-2026-48149
creationtimestamp| type| source ---|---|--- 2026-05-27 19:00:41+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu6x6poof2n 2026-05-27 19:26:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmuafe64q72n...
CVE-2026-7524
creationtimestamp| type| source ---|---|--- 2026-05-27 15:01:42+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmtrltwuxw2g 2026-05-27 16:14:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtvosxdoy2i...
CVE-2026-7365
creationtimestamp| type| source ---|---|--- 2026-05-27 15:01:00+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmtrklzls42s 2026-05-27 16:09:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtvfujfj62t 2026-06-02 23:37:06+00:00| seen|...
CVE-2026-8179
creationtimestamp| type| source ---|---|--- 2026-05-27 15:00:52+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmtrke4tph2w 2026-05-27 15:54:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtukz63ze2h 2026-06-05 21:37:05+00:00| seen|...
CVE-2026-42735
creationtimestamp| type| source ---|---|--- 2026-05-27 12:48:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtk5bbom62i 2026-05-27 14:01:07+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmto7jgoyz2t...
CVE-2026-42761
creationtimestamp| type| source ---|---|--- 2026-05-27 12:01:54+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmthkdikrp2n 2026-05-27 12:07:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmthuwuia32e...
CVE-2026-42755
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through = 1.0.5.1...
EUVD-2026-32203
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through = 1.0.5.1...
CVE-2026-42755
CVE-2026-42755 affects the WordPress RealMag777 TableOn plugin, specifically the posts-table-filterable component, with versions up to and including 1.0.5.1. The issue is an improper neutralization of special elements used in SQL commands, resulting in a Blind SQL Injection vulnerability. The CVS...