CVE-2026-52784
CVE-2026-52784 (OpenProject) is a CSRF vulnerability in OpenProject’s web UI. The issue allows CSRF on a user-targeted action via POST to /users/:id with the parameter user[admin], enabling unauthorized state changes without user interaction. Affected software versions are prior to 17.3.3 and 17....
CVE-2026-44990 Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`
ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Under the default configuration, versions of sanitize-html prior to 2.17.4 can turn attacker-controlled content inside a disallowed xmp element into live HTML or...
CVE-2026-47182 Frappe: Broken Access Control on Private Files
Frappe is a full-stack web application framework. Prior to version 16.17.4, any authenticated user can access private files by guessing the file path. This issue has been patched in version 16.17.4...
PT-2026-48894
Frappe is a full-stack web application framework. Prior to version 16.17.4, any user can modify any field in any Onboarding Step record. This issue has been patched in version 16.17.4...
CVE-2026-33229 XWiki Platform affected by remote code execution with script right through unprotected Velocity scripting API
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Prior to 17.4.8 and 17.10.1, an improperly protected scripting API allows any user with script right to bypass the sandboxing of the Velocity scripting API and execute, e.g., arbitrary Python...
CVE-2026-31857
Craft is a content management system (CMS). Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...
CVE-2026-31857 CraftCMS has an RCE vulnerability via relational conditionals in the control panel
Craft is a content management system (CMS). Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...
Improper Restriction of Rendered UI Layers or Frames
Overview: Affected versions of this package are vulnerable to Improper Restriction of Rendered UI Layers or Frames in comments. An attacker can cause users to be redirected to a malicious page by injecting CSS that transforms the entire wiki interface into a clickable link area. Remediation: Upgrad...
CVE-2026-26000
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Prior to 17.9.0, 17.4.6, and 16.10.13, it's possible using comments to inject CSS that would transform the full wiki in a link area leading to a malicious page. This vulnerability is fixed in...
CVE-2025-66063
WP Google Review Slider plugin (WordPress) is affected by CVE-2025-66063: a Missing Authorization / Broken Access Control vulnerability in versions up to 17.4 due to misconfigured access controls. Red Hat/NVD/Patchstack entries confirm the issue and indicate a patched status for affected releases...
CVE-2025-62028 WordPress Salient theme < 17.4.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeNectar Salient (salient). This issue affects Salient: from n/a through 17.4.0...
CVE-2025-10226
Dependency on Vulnerable Third-Party Component CWE-1395 in the PostgreSQL backend in AxxonSoft Axxon One C-Werk 2.0.8 and earlier on Windows and Linux allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service via exploitation of multiple known CVEs presen...
WordPress Bit Form – Contact Form plugin <= 2.17.4 - Authenticated (Administrator+) Server-Side Request Forgery vulnerability
Authenticated (Administrator+) Server-Side Request Forgery vulnerability discovered by Francesco Carlucci in WordPress Plugin Bit Form versions <= 2.17.4...
WordPress plugin Coming Soon Page, Under Construction Cross-Site Scripting Vulnerability
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress plugin Coming Soon Page, Under...
WordPress Website Builder by SeedProd <= 6.17.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by João Pedro Soares de Alcântara - Kinorth (Patchstack Alliance) in WordPress Plugin Coming Soon Page, Under Construction & Maintenance Mode by SeedProd versions <= 6.17.4...
Microsoft Visual Studio and Microsoft .NET Security Vulnerabilities
Microsoft Visual Studio and Microsoft .NET are both products of Microsoft Corporation, USA. Microsoft Visual Studio is a family of development tool suites and a fundamentally complete set of development tools that includes most of the tools needed throughout the software lifecycle. Microsoft .NET...
PT-2024-19780 · Apple · macOS Sonoma +4
Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.4; iOS versions prior to 17.4; iPadOS versions prior to 17.4; watchOS versions prior to 10.4. Description: A privacy issue was addressed with improved handling of temporary files. This issue may allow an app to...
PT-2024-19771 · Apple · iOS +2
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.4; iOS versions prior to 17.4; iPadOS versions prior to 17.4. Description: The issue allows an attacker in a privileged network position to inject keystrokes by spoofing a keyboard. This is achieved through a Bluetooth...
PT-2024-19735 · Apple · iOS +1
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.4; iPadOS versions prior to 17.4. Description: The issue allows a deleted photo to be re-surfaced without authentication through the shake-to-undo feature. This is due to inadequate checks that have been improved in the...
CVE-2024-23256
A logic issue was addressed with improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4. A user's locked tabs may be briefly visible while switching tab groups when Locked Private Browsing is enabled...