Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.10 views

CVE-2026-4664

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.103.0. This is due to the createreviewpermissionscheck function comparing the user-supplied key parameter against the order's ivolesecretkey meta value using...

5.3CVSS5.4AI score0.00673EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/31 10:36 p.m.7 views

EUVD-2026-17261

baserCMS has Mail Form Acceptance Bypass via Public API...

5.3CVSS5.9AI score0.00382EPSS
Exploits1References4
CVE
CVE
added 2026/03/31 12:45 a.m.15 views

CVE-2026-30878

CVE-2026-30878 affects baserCMS. Before 5.2.3, the public mail submission API allowed unauthenticated users to submit mail form entries even when the form was not accepting submissions, bypassing administrative controls and enabling spam via the API. This issue is patched in version 5.2.3 . The C...

5.3CVSS5.8AI score0.00382EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 7:45 p.m.7 views

CVE-2021-32697

neos/forms is an open source framework to build web forms. By crafting a special GET request containing a valid form state, a form can be submitted without invoking any validators. Form state is secured with an HMAC that is still verified. That means that this issue can only be exploited if Form...

6.5CVSS7AI score0.01124EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/21 12:0 a.m.5 views

Neos/forms 输入验证错误漏洞

Neos/forms is an open source framework for building web forms. A security vulnerability exists in Neos/forms where the program can submit a form without invoking any validator by creating a special "GET" request that contains valid form state...

6.5CVSS6AI score0.01124EPSS
Exploits0References5
Rows per page
Query Builder