Lucene search
K

1476 matches found

NVD
NVD
added 6 hours ago4 views

CVE-2026-12955

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the gdprcookieconsentajaxsaveschedulescan function the wpajaxgccsaveschedulescan AJAX action in versions up to, and including, 4.3.6...

4.3CVSS
Exploits0References5
EUVD
EUVD
added 8 hours ago3 views

EUVD-2026-42849

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the gdprcookieconsentajaxsaveschedulescan function the wpajaxgccsaveschedulescan AJAX action in versions up to, and including, 4.3.6...

4.3CVSS6.1AI score
Exploits0References5
CVE
CVE
added 8 hours ago5 views

CVE-2026-12955

The CVE-2026-12955 entry describes a vulnerability in the GDPR Cookie Consent plugin for WordPress (versions up to 4.3.6) where missing capability checks and nonce verification in the gdpr_cookie_consent_ajax_save_schedule_scan() function (wp_ajax_gcc_save_schedule_scan) allow authenticated users...

4.3CVSS6.1AI score
Exploits0References5
Nuclei
Nuclei
added 13 hours ago48 views

WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure

WordPress Simply Schedule Appointments plugin before 1.5.7.7 is susceptible to information disclosure. The plugin is missing authorization in a REST endpoint, which can allow an attacker to retrieve user details such as name and email address. id: CVE-2022-2373 info: name: WordPress Simply Schedu...

5.3CVSS6.1AI score0.01424EPSS
Exploits2References5
Patchstack
Patchstack
added yesterday2 views

WordPress Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin <= 4.3.6 - Missing Authorization to Authenticated (Subscriber+) Scan Schedule Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Scan Schedule Modification vulnerability discovered by PRISM in WordPress Plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions = 4.3.6...

4.3CVSS6.1AI score
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 5 days ago4 views

CVE-2026-14778

A security vulnerability has been detected in SourceCodester Onlne Examination & Learning Management System 1.0. This affects an unknown part of the file /ajaxenroll.php of the component Enrollment Management. The manipulation of the argument studentid/scheduleid/action leads to improper...

7.5CVSS6.6AI score0.00294EPSS
Exploits0References6Affected Software1
CVE
CVE
added 5 days ago12 views

CVE-2026-14778

The CVE concerns SourceCodester Onlne Examination & Learning Management System 1.0. The vulnerability is in the Enrollment Management component, specifically the /ajax_enroll.php file, where manipulation of the arguments student_id, schedule_id, or action leads to improper authorization. This all...

7.5CVSS6.6AI score0.00294EPSS
Exploits0References6
NVD
NVD
added 2026/06/26 3:16 p.m.5 views

CVE-2026-57317

Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.12.2 versions...

7.1CVSS0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 2:52 p.m.6 views

CVE-2026-57317

Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.12.2 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 2:52 p.m.11 views

CVE-2026-57317

CVE-2026-57317 affects the WordPress plugin Simply Schedule Appointments (versions

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.5 views

EUVD-2026-39730

Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.12.2 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 2:16 p.m.5 views

CVE-2026-47151

In EmberZNet v9.0.2 and earlier, malformed ClearWeekdaySchedule messages can trigger out-of-bounds writes into Door Lock schedule state. The size and location of this data is limited. These messages must come from a device that has already joined the network. Only devices supporting the Door Lock...

7.1CVSS0.00217EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 1:40 p.m.31 views

CVE-2026-47151 Door Lock ClearWeekdaySchedule invalid table index and write in EmberZNet v9.0.2

In EmberZNet v9.0.2 and earlier, malformed ClearWeekdaySchedule messages can trigger out-of-bounds writes into Door Lock schedule state. The size and location of this data is limited. These messages must come from a device that has already joined the network. Only devices supporting the Door Lock...

7.1CVSS0.00217EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 1:40 p.m.25 views

CVE-2026-47151

In EmberZNet v9.0.2 and earlier, malformed ClearWeekdaySchedule messages can cause out-of-bounds writes in Door Lock schedule state. Impact: potential HIGH availability disruption and LOW integrity impact; no confidentiality change. These messages must originate from a device already joined to th...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/25 1:40 p.m.5 views

EUVD-2026-39406

In EmberZNet v9.0.2 and earlier, malformed ClearWeekdaySchedule messages can trigger out-of-bounds writes into Door Lock schedule state. The size and location of this data is limited. These messages must come from a device that has already joined the network. Only devices supporting the Door Lock...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52404

Name of the Vulnerable Software and Affected Versions EmberZNet versions prior to 9.0.3 Description Malformed ClearWeekdaySchedule messages can trigger out-of-bounds writes into the Door Lock schedule state. This issue affects only devices that support the Door Lock cluster and requires the...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53011

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: taprio: fix use-after-free in advancesched on schedule switch In advancesched, when shouldchangeschedules returns true, switchschedules is called to...

7.8CVSS6AI score0.00125EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38879

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix use-after-free in advancesched on schedule switch In advancesched, when shouldchangeschedules returns true, switchschedules is called to promote the admin schedule to oper. switchschedules queues the old op...

5.7AI score0.00125EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38816

In the Linux kernel, the following vulnerability has been resolved: i2c: dev: prevent integer overflow in I2CTIMEOUT ioctl While fuzzing with Syzkaller, a persistent scheduletimeout: wrong timeout value warning was observed, accompanied by SMBus controller state machine corruption. The I2CTIMEOUT...

5.8AI score0.00185EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-53011

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix use-after-free in advancesched on schedule switch In advancesched, when shouldchangeschedules returns true, switchschedules is called to promote the admin schedule to oper. switchschedules queues the old op...

7.8CVSS0.00125EPSS
Exploits0References8
Rows per page
Query Builder