Lucene search
K

4 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-42849

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the gdprcookieconsentajaxsaveschedulescan function the wpajaxgccsaveschedulescan AJAX action in versions up to, and including, 4.3.6...

4.3CVSS6.1AI score0.00196EPSS
Exploits0References5
Cvelist
Cvelist
added yesterday10 views

CVE-2026-12955 Cookie Banner for GDPR / CCPA <= 4.3.6 - Missing Authorization to Authenticated (Subscriber+) Scan Schedule Modification via gcc_save_schedule_scan AJAX Action

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the gdprcookieconsentajaxsaveschedulescan function the wpajaxgccsaveschedulescan AJAX action in versions up to, and including, 4.3.6...

4.3CVSS0.00196EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/04/08 8:31 a.m.7 views

WordPress Blog2Social: Social Media Auto Post & Scheduler plugin <= 8.8.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Schedule Modification via 'b2s_id' Parameter vulnerability

Authenticated Subscriber+ Insecure Direct Object Reference to Arbitrary Post Schedule Modification via 'b2sid' Parameter vulnerability discovered by s00me00ne in WordPress Plugin Blog2Social versions = 8.8.3...

4.3CVSS5.9AI score0.00542EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2026/02/10 12:28 a.m.3 views

Missing Authorization

Overview @frangoteam/fuxa is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Missing Authorization in the scheduler endpoint. An attacker can gain unauthorized access to create, modify, or delete schedules by sending crafted...

10CVSS5.6AI score0.11393EPSS
Exploits1References2
Rows per page
Query Builder