Lucene search
+L

9741 matches found

NVD
NVD
added 7 hours ago4 views

CVE-2026-9810

The AI Copilot WordPress plugin before 1.5.4 does not bind OAuth access tokens to a WordPress user, and accepts any valid token as an administrator session, allowing unauthenticated attackers who complete the public OAuth flow to execute privileged MCP tools as an administrator, including arbitra...

9.8CVSS
Exploits0References1
NVD
NVD
added 7 hours ago3 views

CVE-2026-11961

The User Registration & Membership WordPress plugin before 5.2.3 does not validate that the membership tier submitted during public registration is one of the tiers allowed by the registration form before assigning that tier's associated user role, allowing unauthenticated users to register into ...

8.1CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 9 hours ago2 views

CVE-2026-11961

The User Registration & Membership WordPress plugin before 5.2.3 does not validate that the membership tier submitted during public registration is one of the tiers allowed by the registration form before assigning that tier's associated user role, allowing unauthenticated users to register into ...

5.4AI score
Exploits0References1
EUVD
EUVD
added 9 hours ago4 views

EUVD-2026-45146

The User Registration & Membership WordPress plugin before 5.2.3 does not validate that the membership tier submitted during public registration is one of the tiers allowed by the registration form before assigning that tier's associated user role, allowing unauthenticated users to register into ...

8.1CVSS5.4AI score
Exploits0References1
CVE
CVE
added 9 hours ago8 views

CVE-2026-9810

The AI Copilot WordPress plugin before 1.5.4 does not bind OAuth access tokens to a WordPress user, and accepts any valid token as an administrator session, allowing unauthenticated attackers who complete the public OAuth flow to execute privileged MCP tools as an administrator, including arbitra...

6.3AI score
Exploits0References1
Nuclei
Nuclei
added 10 hours ago18 views

HyperComments <= 1.2.2 - Arbitrary Options Update

The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the hcrequesthandler function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to...

8.8CVSS5.4AI score0.01779EPSS
Exploits4References2
Nuclei
Nuclei
added 10 hours ago44 views

Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The Uncanny Automator - Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to addrole and userrole functions missing proper capability checks performed through the...

8.8CVSS8.3AI score0.02474EPSS
Exploits0References4
Nuclei
Nuclei
added 10 hours ago113 views

Github Enterprise Authenticated Remote Code Execution

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the...

9.8CVSS8.4AI score0.71725EPSS
Exploits1References5
EUVD
EUVD
added 15 hours ago4 views

EUVD-2026-45106

OpenClaw 2026.1.20 before 2026.5.27 contain an authorization bypass vulnerability in the device.pair.approve feature that allows lower-trust callers to bypass role-management checks. Attackers can perform actions requiring stronger authorization by reaching the affected feature through configured...

8.8CVSS6.1AI score
Exploits0References2
OSV
OSV
added yesterday4 views

GHSA-M2V6-2JMH-4C68 Envoy Gateway: Nil-dereference when SecurityPolicy targets TCPRoute without spec.authorization

Vulnerability report without repro case. Repro case may be added later after harness is complete. Preconditions 4: - Tenant has SecurityPolicy + TCPRoute RBAC baseline - Tenant namespace permitted to attach TCPRoute to a Gateway listener - spec.authorization omitted the trigger - No admission...

6.5CVSS6.1AI score0.00121EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday53 views

Flowise < 3.0.1 - Remote Command Execution

The Custom MCPs feature is designed to execute OS commands, for instance, using tools like npx to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls RBAC. Furthermore, in Flowise versions before 3.0.1 the...

9.8CVSS7.2AI score0.7231EPSS
Exploits3References2
EUVD
EUVD
added yesterday6 views

EUVD-2026-44897

The Digits: WordPress Mobile Number Signup and Login plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 9.1.0.5. This is due to missing authorization and role validation in the digupdatewpwccustomfields function. This makes it possible for authenticat...

8.8CVSS6AI score0.00246EPSS
Exploits0References2
CVE
CVE
added yesterday14 views

CVE-2026-13741

The CVE-2026-13741 entry concerns the Digits: WordPress Mobile Number Signup and Login plugin for WordPress, vulnerable in all versions up to and including 9.1.0.5. The root cause is missing authorization and role validation in the dig_update_wpwc_custom_fields() function, allowing authenticated ...

8.8CVSS6AI score0.00246EPSS
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-12869

The Header Footer Builder for Elementor WordPress plugin before 1.2.1 does not require an administrative capability for its dashboard template-import action it allows any editposts user, so a Contributor can import a template containing an Elementor HTML widget configured to display site-wide,...

6.1CVSS0.00152EPSS
Exploits0References1
NVD
NVD
added yesterday9 views

CVE-2026-12907

The RTMKit WordPress plugin before 2.0.9 does not perform a proper capability check on one of its -builder AJAX actions, allowing users with at least the Author role to create and activate a site-wide template that overrides the header, footer or other global areas displayed to all visitors, whic...

2.7CVSS0.00132EPSS
Exploits0References1
CVE
CVE
added yesterday13 views

CVE-2026-12907

CVE-2026-12907 affects the RTMKit WordPress plugin prior to 2.0.9. The root cause is a missing capability check on a -builder AJAX action, allowing users with at least the Author role to create and activate a site-wide template that can override header, footer, or other global areas served to all...

2.7CVSS6.1AI score0.00132EPSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-44878

The Header Footer Builder for Elementor WordPress plugin before 1.2.1 does not require an administrative capability for its dashboard template-import action it allows any editposts user, so a Contributor can import a template containing an Elementor HTML widget configured to display site-wide,...

6.1CVSS6.1AI score0.00152EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday31 views

CVE-2026-12907 RTMKit Addons for Elementor < 2.0.9 - Author+ Site-Wide Theme Builder Template Creation and Activation

The RTMKit WordPress plugin before 2.0.9 does not perform a proper capability check on one of its -builder AJAX actions, allowing users with at least the Author role to create and activate a site-wide template that overrides the header, footer or other global areas displayed to all visitors, whic...

0.00132EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday33 views

CVE-2026-12906 RTMKit Addons for Elementor < 2.0.9 - Contributor+ Private Post Title Disclosure

The RTMKit WordPress plugin before 2.0.9 does not perform a capability check in one of its AJAX actions and resolves a request-supplied post identifier directly, allowing users with at least the Contributor role to read the titles of other users' private, draft, pending, scheduled and trashed pos...

0.00132EPSS
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2026-12525

CVE-2026-12525 affects the Redux Framework WordPress plugin prior to 4.5.13. The vulnerability arises because the plugin does not restrict which user_meta keys can be written when saving custom profile fields, enabling users with at least the Subscriber role to escalate to Administrator while upd...

8.8CVSS6.1AI score0.00144EPSS
Exploits0References1
Rows per page
Query Builder