Lucene search
+L

1824 matches found

Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.2 views

CVE-2026-25026 WordPress Team plugin <= 5.0.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through = 5.0.11...

7.5CVSS5.9AI score0.00278EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/24 6:13 p.m.8 views

WordPress WP Job Portal plugin <= 2.4.8 - Unauthenticated SQL Injection via 'radius' Parameter vulnerability

Unauthenticated SQL Injection via 'radius' Parameter vulnerability discovered by Leonid Semenenko lsemenenko in WordPress Plugin WP Job Portal versions = 2.4.8...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References1Affected Software1
Akamai Blog
Akamai Blog
added 2026/03/24 12:0 p.m.4 views

Microsegmentation and Zero Trust: Control the Blast Radius by Design

...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/03/24 12:30 a.m.9 views

EUVD-2026-14620

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References5
NVD
NVD
added 2026/03/23 11:17 p.m.10 views

CVE-2026-4306

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS0.00409EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/23 10:25 p.m.26 views

CVE-2026-4306 WP Job Portal <= 2.4.8 - Unauthenticated SQL Injection via 'radius' Parameter

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS0.00409EPSS
Exploits0References4
CVE
CVE
added 2026/03/23 10:25 p.m.31 views

CVE-2026-4306

CVE-2026-4306 affects the WP Job Portal plugin for WordPress. It is a SQL Injection in the radius parameter in all versions up to 2.4.8 caused by insufficient escaping and lack of proper query preparation, enabling unauthenticated attackers to append SQL to existing queries and potentially extrac...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/23 10:25 p.m.5 views

CVE-2026-4306 WP Job Portal <= 2.4.8 - Unauthenticated SQL Injection via 'radius' Parameter

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/23 10:25 p.m.7 views

CVE-2026-4306

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.20 views

PT-2026-27253

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.9 views

WordPress plugin WP Job Portal SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.6 views

Siemens APE1808 Insertion of Sensitive Information into Sent Data (CVE-2024-46665)

An insertion of sensitive information into sent data vulnerability CWE-201 in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounting server shared secret via intercepting accounting-requests. This plugin only works with Tenable.o...

3.7CVSS5.9AI score0.00532EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/03/18 3:32 a.m.7 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +135 more potentially affected by CVE-2026-2092 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.2.1)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.0.2 - com.kleegroup.accelerator:accelerator-security-keycloakmfa =1.0.1 and more Source cves: CVE-2026-2092 Source advisory:...

7.7CVSS5.4AI score0.00241EPSS
Exploits0
EUVD
EUVD
added 2026/03/16 6:32 p.m.8 views

EUVD-2026-12464

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...

5.1CVSS5.7AI score0.0011EPSS
Exploits0References3
NVD
NVD
added 2026/03/16 6:16 p.m.4 views

CVE-2026-29521

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...

5.1CVSS0.0011EPSS
Exploits0References2
CVE
CVE
added 2026/03/16 4:55 p.m.9 views

CVE-2026-29521

CVE-2026-29521 affects Hereta ETH-IMC408M devices with firmware 1.0.15 and earlier, where missing CSRF protections in setup.cgi allow cross-site request forgery. An attacker hosting malicious pages can submit forged requests using automatically-included HTTP Basic Authentication credentials to mo...

5.1CVSS5.7AI score0.0011EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/16 4:55 p.m.2 views

CVE-2026-29521 Hereta ETH-IMC408M CSRF via Configuration Setup

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...

5.1CVSS5.7AI score0.0011EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.6 views

PT-2026-25784

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...

5.1CVSS5.7AI score0.0011EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2026/03/15 6:8 p.m.8 views

Advisory ROSA-SA-2026-3209

software: hostapd 2.11 WASP: ROSA-CHROME unaffected versions = hostapd-2.11-2 affected versions hostapd-2.11-2 CVE-ID: CVE-2025-24912 BDU-ID: None CVE-Crit: LOW CVE-DESC.: RADIUS packet handling vulnerability in hostapd: hostapd incorrectly handles specially crafted RADIUS packets. When...

3.7CVSS5.7AI score0.00716EPSS
Exploits0
EUVD
EUVD
added 2026/03/13 9:31 p.m.7 views

EUVD-2026-11870

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons shopbuilder allows Retrieve Embedded Sensitive Data.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through =...

5.8AI score0.00251EPSS
Exploits0References2
Rows per page
Query Builder