333 matches found
CVE-2026-42677
Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...
CVE-2026-42677
CVE-2026-42677 concerns the WordPress WP Document Revisions plugin,
CVE-2026-42677 WordPress WP Document Revisions plugin <= 3.8.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...
CVE-2026-42677 WordPress WP Document Revisions plugin <= 3.8.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...
EUVD-2026-33686
Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...
WordPress plugin WP Document Revisions has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
PT-2026-45464
Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: x86/CPU/AMD: Added a fix for RDSEED in Zen5. There is an issue with the 16-bit and 32-bit register output variants of RDSEED in Zen5, which return a random value of 0 “at a rate inconsistent with randomness, while incorrectly...
CVE-2026-34970
Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...
CVE-2026-34970 MantisBT Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is Revoked
Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...
EUVD-2026-31005
Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...
CVE-2026-34970
Summary: CVE-2026-34970 affects MantisBT, where versions 2.28.1 and earlier allow a bugnote author to view the Revisions page of a private issue after losing access to that issue. This undermines confidentiality by exposing private issue metadata on the Revisions page. Root cause (as described): ...
CVE-2026-34970
Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...
WordPress WP Document Revisions plugin <= 3.8.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin WP Document Revisions versions = 3.8.1...
CVE-2026-44197
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...
Quality-of-Service Feature Side Channels
Revisions Revision Date| Description ---|--- 2026-05-12| Initial publication...
Information Exposure
Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Information Exposure in the Revisions page for bugnotes after access to the parent private issue has been revoked. An attacker can obtain the private issue's ID and summary by accessing the...
GHSA-CRMX-4P49-46M2 MantisBT: Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is Revoked
MantisBT allows a bugnote author to access the note's Revisions page after losing access to the parent private issue. Impact Disclosure of the private Issue's Id and Summary. The bugnote full revision body remains secure. Patches - 71df1f67e05b2050cd4bd87839e6cc13747cf03f Workarounds None Credits...
CVE-2026-44197
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...
CVE-2026-44197 Wagtail: Improper permission handling when comparing revisions
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...