Lucene search
+L

122154 matches found

cve
cve
added 4 hours ago6 views

CVE-2026-15407

The CVE-2026-15407 entry describes an authorization bypass in Themify Builder for WordPress up to version 7.7.7. The underlying issue is insufficient verification of a user’s authorization for actions performed via the tb_generate_on_fly AJAX action, enabling authenticated users with subscriber-l...

4.3CVSS6.2AI score
Exploits0References10
cve
cve
added 6 hours ago5 views

CVE-2026-12906

The RTMKit Addons for Elementor WordPress plugin, prior to version 2.0.9, exposes an AJAX action that does not perform a capability check and directly resolves a request-supplied post ID. This allows users with at least the Contributor role to read the titles of private, draft, pending, scheduled...

6.1AI score
Exploits0References1
euvd
euvd
added 6 hours ago3 views

EUVD-2026-44879

The RTMKit WordPress plugin before 2.0.9 does not perform a capability check in one of its AJAX actions and resolves a request-supplied post identifier directly, allowing users with at least the Contributor role to read the titles of other users' private, draft, pending, scheduled and trashed pos...

6.1AI score
Exploits0References1
cve
cve
added 6 hours ago6 views

CVE-2026-12510

The vulnerability affects the AI Engine WordPress plugin prior to 3.5.5 . It arises from a missing ownership verification for a client-supplied chatbot conversation identifier, enabling subscriber-level users to read other users’ private conversations and potentially take over their conversation ...

6.1AI score
Exploits0References1
cve
cve
added yesterday10 views

CVE-2026-55234

Wekan (open source Kanban on Meteor) has a cross-board write flaw in versions before 9.37. The DDP update allow rules in server/permissions/cards.js, server/permissions/lists.js, and server/permissions/swimlanes.js validate only the stored boardId and do not verify a new boardId in the update mod...

8.5CVSS6.1AI score
Exploits0References3
cve
cve
added yesterday9 views

CVE-2026-53447

Wekan (open-source Kanban) contains a vulnerability in the cloneBoard Meteor method prior to version 9.35. The method in models/import.js uses a caller-supplied sourceBoardId to export a board via models/exporter.js without canExport checks or membership verification. As a result, any authenticat...

6.5CVSS6.1AI score0.00026EPSS
Exploits0References3
cve
cve
added yesterday9 views

CVE-2026-53445

CVE-2026-53445 (Wekan) : Affected component is Wekan’s copyBoard DDP publication (server/publications/boards.js). Before version 9.32, the copy operation copied a board by caller-supplied boardId without validating this.userId, membership, or admin access, enabling any authenticated user to copy ...

7.1CVSS6.1AI score0.00041EPSS
Exploits0References3
nvd
nvd
added yesterday5 views

CVE-2026-61643

FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, an authenticated FastGPT user can save a workflow node that points to another user's private HTTP toolset by using a crafted saved tool id such as http-/. The normal toolset routes deny access, but the workflow...

5.9CVSS
Exploits0References2
nvd
nvd
added yesterday6 views

CVE-2026-58660

Kanboard through 1.2.52, fixed in commit 564cc30, BoardAjaxController save method used by the kanban board drag-and-drop endpoint validates the caller's role on the attacker-supplied projectid but never verifies that the supplied taskid actually belongs to that project. Because task identifiers a...

8.1CVSS
Exploits0References4
attackerkb
attackerkb
added yesterday3 views

CVE-2026-61643

FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, an authenticated FastGPT user can save a workflow node that points to another user's private HTTP toolset by using a crafted saved tool id such as http-/. The normal toolset routes deny access, but the workflow...

5.9CVSS6.2AI score
Exploits0References3Affected Software1
cve
cve
added yesterday6 views

CVE-2026-61643

CVE-2026-61643 affects FastGPT (versions 4.14.17 through 4.15.0-beta5). An authenticated user can save a workflow node that points to another user's private HTTP toolset by crafting a saved tool id (e.g., http-/). While normal toolset routes deny access, the workflow save and runtime path did not...

5.9CVSS6.2AI score
Exploits0References2
attackerkb
attackerkb
added yesterday3 views

CVE-2026-58660

Kanboard through 1.2.52, fixed in commit 564cc30, BoardAjaxController save method used by the kanban board drag-and-drop endpoint validates the caller's role on the attacker-supplied projectid but never verifies that the supplied taskid actually belongs to that project. Because task identifiers a...

8.1CVSS6.1AI score
Exploits0References5
redhatcve
redhatcve
added yesterday3 views

CVE-2026-59733

A flaw was found in Rclone. When using the rclone serve restic --private-repos command, an authenticated user can include directory traversal sequences e.g., .. in a request. This allows them to bypass authorization and read, overwrite, or delete another user's private repository on backends that...

8.8CVSS6AI score0.00523EPSS
Exploits0References7
cvelist
cvelist
added yesterday17 views

CVE-2026-61430 PraisonAI before 1.6.78 DNS Rebinding SSRF via web_crawl

PraisonAI before 1.6.78 contains a server-side request forgery vulnerability in the webcrawl tool that validates hostnames at check time but re-resolves them at connection time without IP pinning. Attackers can use DNS rebinding to bypass SSRF protection and retrieve internal HTTP response bodies...

8.5CVSS
Exploits0References2
euvd
euvd
added yesterday4 views

EUVD-2026-44639

PraisonAI before 1.6.78 contains a server-side request forgery vulnerability in the webcrawl tool that validates hostnames at check time but re-resolves them at connection time without IP pinning. Attackers can use DNS rebinding to bypass SSRF protection and retrieve internal HTTP response bodies...

8.5CVSS6.1AI score
Exploits0References2
nvd
nvd
added yesterday6 views

CVE-2026-11580

The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.17 does not perform a per-object capability check in its post-duplication AJAX action, allowing users with Contributor-level access or above to duplicate any post regardless of owner, post type, or status into a...

5.5CVSS0.00132EPSS
Exploits0References1
euvd
euvd
added yesterday7 views

EUVD-2026-44593

The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.17 does not perform a per-object capability check in its post-duplication AJAX action, allowing users with Contributor-level access or above to duplicate any post regardless of owner, post type, or status into a...

5.5CVSS6.1AI score0.00132EPSS
Exploits0References1
attackerkb
attackerkb
added yesterday4 views

CVE-2026-11580

The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.17 does not perform a per-object capability check in its post-duplication AJAX action, allowing users with Contributor-level access or above to duplicate any post regardless of owner, post type, or status into a...

6.1AI score0.00132EPSS
Exploits0References1
cvelist
cvelist
added yesterday23 views

CVE-2026-11580 Kali Forms < 2.4.17 - Contributor+ Arbitrary Post Metadata Disclosure via IDOR

The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.17 does not perform a per-object capability check in its post-duplication AJAX action, allowing users with Contributor-level access or above to duplicate any post regardless of owner, post type, or status into a...

0.00132EPSS
Exploits0References1
nuclei
nuclei
added yesterday13 views

WordPress Simple Job Board - Unauthorized Data Access

The Simple Job Board plugin for WordPress is vulnerable to unauthorized data access due to insufficient authorization checking in the fetchquickjob function in all versions up to and including 2.10.8. This makes it possible for unauthenticated attackers to fetch arbitrary posts, which can be...

5.3CVSS6.7AI score0.00909EPSS
Exploits0References3
Rows per page
Query Builder