CVE-2026-6396 Fast & Fancy Filter – 3F <= 1.2.2 - Cross-Site Request Forgery to Settings Modification via fff_save_settins AJAX Action
The Fast & Fancy Filter – 3F plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.2.2. This is due to missing nonce verification in the saveFields function, which handles the fff_save_settins AJAX action. This makes it possible for unauthenticated...
CVE-2026-4140
The Ni WooCommerce Order Export WordPress plugin (≤ version 3.1.6) is vulnerable to Cross-Site Request Forgery due to missing nonce validation in the ni_order_export_action() AJAX handler. When the page parameter is 'nioe-order-settings', Ni_Order_Setting::page_ajax() calls update_option('ni_orde...
CVE-2026-4280
The Breaking News WP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3. This is due to the brnwpajaxform AJAX endpoint lacking both authorization checks and CSRF verification, combined with insufficient path validation when the brnwptheme option...
CVE-2026-4140 Ni WooCommerce Order Export <= 3.1.6 - Cross-Site Request Forgery to Settings Update via ni_order_export_action AJAX Action
The Ni WooCommerce Order Export plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 3.1.6. This is due to missing nonce validation in the ni_order_export_action AJAX handler function. The handler processes settings updates when the 'page' parameter is...
CVE-2026-4133
The TextP2P Texting Widget WordPress plugin (versions ≤ 1.7) is vulnerable to Cross-Site Request Forgery due to missing nonce validation in imTextP2POptionPage(). The settings form (line 314) lacks wp_nonce_field(), and the POST handler (line 7) does not call check_admin_referer() or wp_verify_no...
CVE-2026-4133 TextP2P Texting Widget <= 1.7 - Cross-Site Request Forgery to Settings Update
The TextP2P Texting Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.7. This is due to missing nonce validation in the imTextP2POptionPage function, which processes settings updates. The form at line 314 does not include a wp_nonce_field,...
CVE-2026-4131 WP Responsive Popup + Optin <= 1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'wpo_image_url' Parameter
The WP Responsive Popup + Optin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.4. This is due to the settings form on the admin page wpoadminpage.php lacking nonce generation (wp_nonce_field) and verification (wp_verify_nonce/check_admin_referer). Thi...
CVE-2026-33626
LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery (SSRF) vulnerability in LMDeploy's vision-language module. The load_image function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating...
CVE-2026-40343
free5GC UDR is the user data repository (UDR) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...
PT-2026-34338
Name of the Vulnerable Software and Affected Versions: Raindrop.io Bookmark Manager Web App version 5.6.76.0. Description: Insufficient validation of Chrome extension identifiers allows attackers to obtain sensitive user data through a crafted request. Recommendations: At the moment, there is no...
PT-2026-34418
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req. Syzbot reported a KASAN stack-out-of-bounds read in l2cap_build_cmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerabili...
CVE-2026-35548
An issue was discovered in guardsix (formerly Logpoint) ODBC Enrichment Plugins before 5.2.1 (5.2.1 is used in guardsix 7.9.0.0). A logic flaw allowed stored database credentials to be reused after modification of the target Host, IP address, or Port. When editing an existing Enrichment Source,...
PT-2026-34310
Name of the Vulnerable Software and Affected Versions: Fast & Fancy Filter – 3F plugin for WordPress, versions prior to 1.2.3. Description: Cross-Site Request Forgery occurs due to missing nonce verification in the saveFields function, which handles the 'fff_save_settins' AJAX action. This allows...
Linux kernel Security Vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a cyclic locking dependency between req_lock and the work queue in nci_close_device, potentially...
Jellystat SQL Injection Vulnerability
Jellystat is a free and open-source statistical application developed by Thegan Govender as an individual project. Versions of Jellystat prior to 1.1.10 contained a SQL injection vulnerability. This vulnerability stemmed from multiple API endpoints that constructed queries by directly inserting...
Linux kernel Security Vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of hci_req_sync_lock protection in the btintel_hw_error function within the btintel driver...
Squidex Code Issue Vulnerability
Squidex is an open-source content management system developed by Squidex. Versions of Squidex prior to 7.23.0 had code vulnerabilities. These vulnerabilities were caused by a server-side request forgery issue, allowing users with asset upload permissions to force the server to obtain arbitrary...
Eclipse Che WebSocket Machine-Exec Remote Code Execution
This Python script is a WebSocket-based client designed to interact with an Eclipse Che / DevSpaces machine-exec service and test for an unauthenticated remote code execution vulnerability...