4489 matches found
Exposure of Private Personal Information to an Unauthorized Actor
Overview Affected versions of this package are vulnerable to Exposure of Private Personal Information to an Unauthorized Actor in the CookieJar.save and CookieJar.load functions. An attacker can cause cookies intended for a specific host to be sent to subdomains by persisting and restoring cookie...
PT-2026-49593
Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.1 Description Host-only cookies saved using the CookieJar.save function and subsequently restored via the CookieJar.load function lose their host-only status. This can result in cookies loaded from disk being sen...
PT-2026-49413
Unauthenticated Arbitrary File Deletion in Contact Form Extender for Divi Save Entries, File Upload & Country Code Field = 1.0.6 versions...
CVE-2026-1291 Meow Gallery <= 5.4.4 - Missing Authorization to Authenticated (Author+) Shortcode creation
The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the REST API endpoint /wp-json/meow-gallery/v1/saveshortcode in all versions up to, and including, 5.4.4 This makes it possible for authenticated attackers, with...
EUVD-2026-36647
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.9. This is due to the pagelayersavecontent AJAX handler allowing users with basic post-edit capability to persist...
CVE-2026-45558
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the HAProxy section-save endpoints POST /api/service/haproxy//section/ and the PUT / global / defaults variants accept a JSON option field that is not validated, not escaped, and ...
Malicious code in 0x2ai-demo6 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f4a43a40af9e707d98ed55406b0ff32dccaad352fccf5d1eaaca41b9959d924 On npm install, scripts/postinstall.cjs writes .mcp.json into the installer's working directory INITCWD wiring Claude Code to a packaged MCP server...
CVE-2026-45564 Roxy-WI: Authenticated RCE via 'configver' URL parameter (os.system sink in /config/versions/.../save)
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /config/versions////save interpolates the URL-path configver parameter directly into a config-version path that ends up at os.systemf"dos2unix -q cfg". configver is not run...
CVE-2026-45558 Roxy-WI: Authenticated RCE on every managed HAProxy load balancer via `option` field config injection in section save
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the HAProxy section-save endpoints POST /api/service/haproxy//section/ and the PUT / global / defaults variants accept a JSON option field that is not validated, not escaped, and ...
CVE-2026-45558
Roxy-WI versions 8.2.6.4 and earlier expose a vulnerability in the HAProxy config generation pathway. The HAProxy section-save endpoints (POST /api/service/haproxy//section/ and related PUT /global/defaults) accept a JSON option field that is not validated or escaped and is rendered verbatim into...
CVE-2026-45558 Roxy-WI: Authenticated RCE on every managed HAProxy load balancer via `option` field config injection in section save
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the HAProxy section-save endpoints POST /api/service/haproxy//section/ and the PUT / global / defaults variants accept a JSON option field that is not validated, not escaped, and ...
CVE-2026-45556 Roxy-WI: Authenticated arbitrary file write on every managed load balancer (and downstream RCE) via WAF rule save `config_file_name`
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /waf///rule//save accepts a configfilename form field that is passed straight through to configmod.masterslaveuploadandrestart... as the destination path. The validation chai...
CVE-2026-45556
Roxy-WI (versions <= 8.2.6.4) is affected by CVE-2026-45556. The vulnerability arises in POST /waf///rule//save: the config_file_name field is passed to config_mod.master_slave_upload_and_restart(...) as the destination path. The validation only checks that the path contains a service substrin...
CVE-2026-8907
The WP-Ultimate-Map plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing nonce validation on the processinit function hooked to admininit, which saves plugin settings zoom-level, focus-lat, focus-lng, selplaces, selroutes v...
CVE-2026-36791
Shenzhen Tenda Technology Co., Ltd Tenda O3v3 v1.0.0.5 was discovered to contain a stack overflow in the savelistdata parameter of the formSetCfm function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
Roxy-WI 输入验证错误漏洞
Roxy-WI is an open-source web interface designed for managing Haproxy, Nginx, and Keepalived servers. Versions of Roxy-WI 8.2.6.4 and earlier contain a vulnerability related to input validation errors. This vulnerability stems from the POST /waf///rule//save endpoint accepting the configfilename...
CVE-2026-8909
The WpMobi plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.3. This is due to missing or incorrect nonce validation on the handleSaveGeneralSettings function. This makes it possible for unauthenticated attackers to modify the plugin's...
CVE-2026-8904
The CVE-2026-8904 entry concerns the WordPress plugin FastPicker, up to version 1.0.2. The underlying issue is missing or incorrect nonce validation in the settingsPage function, enabling Cross-Site Request Forgery. This allows unauthenticated attackers to modify plugin settings (e.g., webhook in...
CVE-2026-8904 FastPicker, an order picker and order management system (oms) for WooCommerce on steroids <= 1.0.2 - Cross-Site Request Forgery via Settings Save
The FastPicker, an order picker and order management system oms for WooCommerce on steroids plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the settingsPage function. This makes i...
CVE-2026-8909 WpMobi <= 0.0.3 - Cross-Site Request Forgery via save_general_settings Action
The WpMobi plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.3. This is due to missing or incorrect nonce validation on the handleSaveGeneralSettings function. This makes it possible for unauthenticated attackers to modify the plugin's...