173 matches found
EUVD-2026-43290
The Tutor LMS WordPress plugin before 3.9.13 does not, in its Droip and Kirki page-builder integration, perform the enrollment, purchase, and private-course capability checks it enforces in its core course handler, allowing authenticated users with subscriber-level access to enroll in paid or...
CVE-2026-12275
The Tutor LMS WordPress plugin before 3.9.13 does not, in its Droip and Kirki page-builder integration, perform the enrollment, purchase, and private-course capability checks it enforces in its core course handler, allowing authenticated users with subscriber-level access to enroll in paid or...
CVE-2026-11600
The Envo's Templates & Widgets for Elementor and WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the Envo Tabs and Off Canvas widget's template rendering in versions up to, and including, 1.4.26. The render method of the Tabs...
EUVD-2026-41254
The Adminify WordPress plugin before 4.2.10 does not perform per-user read-capability checks on the results returned by one of its administration search features, allowing users with a low-privilege role Contributor to disclose non-public content that WordPress would not otherwise expose to them,...
EUVD-2026-41244
The Envo's Templates & Widgets for Elementor and WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the Envo Tabs and Off Canvas widget's template rendering in versions up to, and including, 1.4.26. The render method of the Tabs...
CVE-2026-11600
The Envo's Templates & Widgets for Elementor and WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the Envo Tabs and Off Canvas widget's template rendering in versions up to, and including, 1.4.26. The render method of the Tabs...
CVE-2026-11600
The CVE-2026-11600 entry concerns Envo’s Templates & Widgets for Elementor and WooCommerce (WordPress). Affected: Tabs and Off Canvas widgets up to version 1.4.26. Root cause: the Tabs widget render() passes a user-controlled template/post ID to Elementor’s get_builder_content_for_display() witho...
CVE-2026-11600 Envo's Templates & Widgets for Elementor and WooCommerce <= 1.4.26 - Missing Authorization to Authenticated (Author+) Private Content Disclosure via Envo Tabs Widget 'templates' Setting
The Envo's Templates & Widgets for Elementor and WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the Envo Tabs and Off Canvas widget's template rendering in versions up to, and including, 1.4.26. The render method of the Tabs...
CVE-2026-12408 Slim SEO <= 4.9.8 - Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure via 'object.ID' Parameter
The Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin for WordPress is vulnerable to Unauthorized Private Content Disclosure in all versions up to, and including, 4.9.8 via the /wp-json/slim-seo/meta-tags/ai REST API endpoint. This is due to the endpoint's permissioncallback performin...
CVE-2026-12408
The CVE-2026-12408 entry concerns the WordPress plugin Slim SEO (versions up to and including 4.9.8). The vulnerability arises from the REST endpoint /wp-json/slim-seo/meta-tags/ai: the permission_callback only checks a top-level edit_posts capability and does not verify that the requester can re...
CVE-2026-10750
The Royal MCP WordPress plugin before 1.4.26 does not perform capability checks on the majority of its MCP tools after token authentication, allowing authenticated users with a low-privileged role such as Subscriber to read private content, enumerate all users and their roles, and create, modify,...
CVE-2026-10750
CVE-2026-10750 concerns the Royal MCP WordPress plugin prior to 1.4.26. The issue arises because the plugin does not perform capability checks on most MCP tools after token authentication, enabling authenticated, low-privilege users (e.g., Subscriber) to read private content, enumerate users and ...
CVE-2026-10750 Royal MCP < 1.4.26 - Subscriber+ Insufficient Authorization in MCP Tools
The Royal MCP WordPress plugin before 1.4.26 does not perform capability checks on the majority of its MCP tools after token authentication, allowing authenticated users with a low-privileged role such as Subscriber to read private content, enumerate all users and their roles, and create, modify,...
WordPress Envo's Templates & Widgets for Elementor and WooCommerce plugin <= 1.4.26 - Missing Authorization to Authenticated (Author+) Private Content Disclosure vulnerability
Missing Authorization to Authenticated Author+ Private Content Disclosure vulnerability discovered by ? in WordPress Plugin Envo's Elementor Templates & Widgets for WooCommerce versions = 1.4.26...
WordPress Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin <= 4.9.8 - Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure vulnerability
Authenticated Contributor+ Insufficient Authorization to Private Content Disclosure vulnerability discovered by Abu Hurayra HurayraIIT in WordPress Plugin Slim SEO versions = 4.9.8...
Gogs: LFS dedupe path leaks private repo content across tenants
Summary Git LFS storage is content-addressed by OID alone /// but per-repo authorization lives in the lfsobject table keyed repoid, oid. serveUpload skips re-uploading when the OID file already exists on disk and inserts a new repoid, oid row pointing at it without verifying the request body hash...
CVE-2026-25699
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Timeline-related APIs lacked proper authorization checks, allowing regular authenticated users to access deleted, private, or unapproved content and i...
CVE-2026-25699 Apache Answer: Authorization Bypass in Timeline API
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Timeline-related APIs lacked proper authorization checks, allowing regular authenticated users to access deleted, private, or unapproved content and i...
PT-2026-47713
Name of the Vulnerable Software and Affected Versions Apache Answer versions prior to 2.0.1 Description Timeline-related APIs lack proper authorization checks, which allows authenticated users to access content that is private, deleted, or unapproved, as well as its associated revision history...
Apache Answer 安全漏洞
Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from insufficient authorization checks for time-line-related APIs, which could allow ordinary...