2316 matches found
CVE-2026-43876 WWBN AVideo: HTML Injection in notifySubscribers.json.php Enables Platform-Branded Phishing Emails to Channel Subscribers
WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/notifySubscribers.json.php takes the raw message POST parameter and passes it into sendSiteEmail, which substitutes it directly into an HTML email template via strreplace on the message placeholder and...
CVE-2026-43876 WWBN AVideo: HTML Injection in notifySubscribers.json.php Enables Platform-Branded Phishing Emails to Channel Subscribers
WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/notifySubscribers.json.php takes the raw message POST parameter and passes it into sendSiteEmail, which substitutes it directly into an HTML email template via strreplace on the message placeholder and...
CVE-2026-43876
CVE-2026-43876 describes an HTML injection vulnerability in WWBN AVideo: objects/notifySubscribers.json.php passes $_POST['message'] un sanitized into an HTML email template, then renders it with PHPMailer::msgHTML(). Attacker-controlled HTML is substituted into the email body and, due to a permi...
WordPress Motors – Car Dealership & Classified Listings Plugin plugin <= 1.4.103 - Missing Authorization to Authenticated (Subscriber+) Payment Bypass vulnerability
Missing Authorization to Authenticated Subscriber+ Payment Bypass vulnerability discovered by shrikant bhosale in WordPress Plugin Motors versions = 1.4.103...
WordPress Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings plugin <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Modification vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Post Modification vulnerability discovered by cpforensic in WordPress Plugin Rate Star Review versions = 1.6.4...
WWBN AVideo 跨站脚本漏洞
WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to version 29 contain cross-site scripting vulnerabilities. This vulnerability arises from the lack of HTML cleaning of user input in objects/notifySubscribers.json.php, which...
CVE-2026-5127
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to Deserialization of Untrusted Data in versions up to, and including, 4.3.1 This is due to insufficient input validation and type checking on the wpuffiles...
WordPress Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin <= 1.53.0 - Missing Authorization to Authenticated (Subscriber+) Scheduled Form Submission Export vulnerability
Missing Authorization to Authenticated Subscriber+ Scheduled Form Submission Export vulnerability discovered by anhcd05 - VNPT Cyber Immunity in WordPress Plugin Forminator versions = 1.53.0...
CVE-2026-6692 Slider Revolution 7.0.0 - 7.0.10 - Authenticated (Subscriber+) Arbitrary File Upload via _get_media_url
The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the 'getmediaurl' and 'checkfilepath' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and...
CVE-2026-6692
The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the 'getmediaurl' and 'checkfilepath' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and...
CVE-2026-6214 Forminator Forms <= 1.53.0 - Missing Authorization to Authenticated (Subscriber+) Scheduled Form Submission Export via forminator_export_entries Action on wp_loaded Hook
The Forminator Forms plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.53.0. This is due to the listenforsavingexportschedule function in library/class-export.php failing to perform a capability check before saving the scheduled export configuration,...
CVE-2026-2306
The CVE concerns the WordPress plugin Ninja Tables – Easy Data Table Builder. All versions up to and including 5.2.6 are affected by missing authorization checks in the createFluentCartTable function, enabling authenticated users with Subscriber-level access and above to create arbitrary Ninja Ta...
AVideo: HTML Injection in notifySubscribers.json.php Allows Platform-Branded Phishing Emails to Channel Subscribers
Summary objects/notifySubscribers.json.php takes the raw message POST parameter and passes it into sendSiteEmail, which substitutes it directly into an HTML email template via strreplace on the message placeholder and renders it with PHPMailer::msgHTML. There is no HTML sanitization, character...
Cross-site Scripting (XSS)
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Scripting XSS in the sendSiteEmail process. An attacker can inject arbitrary HTML content into emails sent to subscribers by supplying crafted input to...
WordPress Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin <= 3.6.5 - Missing Authorization to Authenticated (Subscriber+) Stripe Webhook Deletion and Payment Processing Disruption vulnerability
Missing Authorization to Authenticated Subscriber+ Stripe Webhook Deletion and Payment Processing Disruption vulnerability discovered by Jared Reyes in WordPress Plugin Paid Memberships Pro versions = 3.6.5...
WordPress Ninja Tables – Easy Data Table Builder plugin <= 5.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Table Creation vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Table Creation vulnerability discovered by nquangit - Techlab Corporation in WordPress Plugin Ninja Tables versions = 5.2.6...
PT-2026-37292
Name of the Vulnerable Software and Affected Versions WWBN AVideo versions prior to 29.1 Description An issue exists where the endpoint "/objects/notifySubscribers.json.php" accepts a raw message POST parameter and passes it to the sendSiteEmail function. This function substitutes the input...
EUVD-2026-26759
The Geo Mashup plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geomashupnullfields' parameter in all versions up to, and including, 1.13.19 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
CVE-2026-6810 Booking Calendar Contact Form <= 1.2.63 - Authenticated (Subscriber+) Insecure Direct Object Reference to Calendar Takeover
The Booking Calendar Contact Form plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.63 via the dexbccfadminintcalendarlist.inc.php file due to missing validation on a user controlled key. This makes it possible for authenticated...
WordPress BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor plugin <= 4.3.11 - Missing Authorization to Authenticated (Subscriber+) Unauthorized AI API Usage vulnerability
Missing Authorization to Authenticated Subscriber+ Unauthorized AI API Usage vulnerability discovered by h0xilo in WordPress Plugin BetterDocs versions = 4.3.11...