12 matches found

NVD
added yesterday, 7 views

CVE-2026-53834

OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch slash commands that allows authenticated senders to skip allowFrom policy checks. Attackers can invoke slash commands before configured access control policies are applied, potentially triggering comman...

CVSS: 8.2
Exploits: 0, References: 2

Positive Technologies
added yesterday, 3 views

PT-2026-49038

OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch slash commands that allows authenticated senders to skip allowFrom policy checks. Attackers can invoke slash commands before configured access control policies are applied, potentially triggering comman...

CVSS: 8.2, AI score: 5.3
Exploits: 0, References: 3

Vulnrichment
added 2025/12/13 4:31 a.m., 3 views

CVE-2025-9218 rtMedia for WordPress, BuddyPress and bbPress 4.7.0 - 4.7.3 - Missing Authorization to Unauthenticated Information Disclosure via handle_rest_pre_dispatch Function

The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to Information Disclosure due to missing authorization in the handle_rest_pre_dispatch function when the Godam plugin is active, in versions 4.7.0 to 4.7.3. This makes it possible for unauthenticated attackers to...

CVSS: 3.7, AI score: 5.5, EPSS: 0.00049
Exploits: 0, References: 3

CVE
added 2025/12/13 4:31 a.m., 8 views

CVE-2025-9218

The CVE-2025-9218 entry concerns rtMedia for WordPress, BuddyPress and bbPress. Wordfence reports a missing-authorization issue in rtMedia’s handle_rest_pre_dispatch() that, when the Godam plugin is active, allows unauthenticated attackers to access media items from draft or private posts. Affect...

CVSS: 3.7, AI score: 5.5, EPSS: 0.00049
Exploits: 0, References: 3

RedhatCVE
added 2025/08/21 7:36 a.m., 11 views

CVE-2025-8723

The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject...

CVSS: 9.8, AI score: 8.8, EPSS: 0.01747
Exploits: 1, References: 1

NVD
added 2025/08/19 8:15 a.m., 4 views

CVE-2025-8723

The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject...

CVSS: 9.8, EPSS: 0.01747
Exploits: 1, References: 4

CVE
added 2025/08/19 7:26 a.m., 24 views

CVE-2025-8723

CVE-2025-8723 affects the Cloudflare Image Resizing plugin for WordPress. The vulnerability arises from missing authentication and insufficient sanitization in the hook_rest_pre_dispatch() method, affecting all versions up to and including 1.5.6. This enables unauthenticated attackers to inject a...

CVSS: 9.8, AI score: 8.2, EPSS: 0.01747
Exploits: 1, References: 4

Vulnrichment
added 2025/08/19 7:26 a.m., 3 views

CVE-2025-8723 Cloudflare Image Resizing <= 1.5.6 - Missing Authentication to Unauthenticated Remote Code Execution via rest_pre_dispatch Hook

The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject...

CVSS: 9.8, AI score: 8.9, EPSS: 0.01747
Exploits: 1, References: 4

Cvelist
added 2025/08/19 7:26 a.m., 10 views

CVE-2025-8723 Cloudflare Image Resizing <= 1.5.6 - Missing Authentication to Unauthenticated Remote Code Execution via rest_pre_dispatch Hook

The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject...

CVSS: 9.8, EPSS: 0.01747
Exploits: 1, References: 4

SUSE CVE
added 2023/02/15 3:29 a.m., 2 views

SUSE CVE-2022-21797

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel class due to the eval statement...

CVSS: 9.8, AI score: 7.3, EPSS: 0.00265
Exploits: 1, References: 4

OSV
added 2022/10/14 11:4 a.m., 4 views

OESA-2022-1990 python-joblib security update

Joblib is a set of tools to provide lightweight pipelining in Python. Security Fixes: The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel class due to the eval statement. CVE-2022-21797...

CVSS: 9.8, AI score: 7.3, EPSS: 0.00265
Exploits: 1, References: 2

OSV
added 2022/09/26 5:15 a.m., 1 views

DEBIAN-CVE-2022-21797

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel class due to the eval statement...

CVSS: 9.8, AI score: 7.3, EPSS: 0.00265
Exploits: 1, References: 1