Lucene search
+L

15269 matches found

cve
cve
added 4 hours ago10 views

CVE-2026-12585

Vulnerable component: Abandoned Cart Lite for WooCommerce (WordPress plugin) prior to version 6.8.2. Root cause: The plugin does not protect the integrity of cart-recovery tokens or bind them to the requesting account, allowing an unauthenticated attacker to forge a recovery link that logs in as ...

6.1AI score
Exploits0References1
cve
cve
added 4 hours ago6 views

CVE-2026-12492

The CVE affects the Happy Coders OTP Login for WooCommerce WordPress plugin prior to version 2.8. The root cause is that the plugin does not verify that a one-time password was actually validated before authenticating a user based on a supplied identifier, enabling unauthenticated login as any ex...

6.1AI score
Exploits0References1
euvd
euvd
added 6 hours ago3 views

EUVD-2026-44866

The SAML Single Sign On – SSO Login plugin for WordPress is vulnerable to Authentication Bypass via SAML Signature Algorithm Confusion in all versions up to, and including, 5.4.3. The vulnerability exists because MoSAMLUtilities::mosamlcastkey reads the SignatureMethod Algorithm attribute directl...

9.8CVSS6AI score
Exploits0References7
cve
cve
added 6 hours ago18 views

CVE-2026-15013

Technical details are not publicly available in the provided documents. Monitor for updates.

9.8CVSS6AI score
Exploits0References7
cve
cve
added yesterday15 views

CVE-2026-54458

CVE-2026-54458 (AVideo YPTSocket XSS) affects WWBN’s AVideo with the YPTSocket plugin (versions prior to 29.0). The vulnerability is an unauthenticated stored DOM XSS: getWebSocket.json.php issues a signed WebSocket token; MessageSQLiteV2::onOpen reads webSocketSelfURI and page_title from the Web...

9.6CVSS6.3AI score
Exploits0References2
cve
cve
added yesterday9 views

CVE-2026-55652

Wekan prior to v9.46 is vulnerable to a header-login bypass: the server trusts X-Forwarded-For via HEADER_LOGIN_TRUSTED_IPS in getRequestIp(), allowing unauthenticated users to request a login for any username and obtain a meteor_login_token (including admin), enabling full account takeover. The ...

9.8CVSS6.1AI score
Exploits0References3
cve
cve
added yesterday11 views

CVE-2026-52893

Wekan before 9.32 is vulnerable through the Accounts.onCreateUser hook in server/models/users.js, which merges OIDC logins into existing accounts when the OIDC email or username matches an existing Wekan user without verifying ownership or email_verified. An attacker with an OIDC provider account...

9.2CVSS6.1AI score0.00032EPSS
Exploits0References3
cve
cve
added yesterday10 views

CVE-2026-53516

Summary: CVE-2026-53516 affects Better Auth (

8.3CVSS6.1AI score0.00019EPSS
Exploits0References4
redhatcve
redhatcve
added yesterday4 views

CVE-2026-47158

A flaw was found in Vaultwarden, a Bitwarden-compatible server. An unauthenticated attacker could exploit a vulnerability in the Single Sign-On SSO authorization flow. This flaw, caused by improper binding of the OAuth state parameter to the browser session and inadequate cleanup of SSO...

8.3CVSS6AI score0.00031EPSS
Exploits0References2
cvelist
cvelist
added yesterday16 views

CVE-2026-59258 immich < 3.0.3 Shared Album Editor Ownership Takeover via updateUser

immich before 3.0.3 contains a broken access control vulnerability in the PUT /albums/:id/user/:userId endpoint that allows shared album editors to modify member roles without owner-only restrictions. Attackers with editor access can demote the album owner to editor and promote themselves to owne...

8.3CVSS
Exploits0References5
cve
cve
added yesterday11 views

CVE-2026-44986

CVE-2026-44986 affects Penpot prior to 2.14.5. The issue allows a pre-authenticated account takeover via team invitation tokens: tokens from create-team-invitations were exposed, an existing profile id was embedded in auth.clj prepare-register-profile, and auth.clj register-profile could issue a ...

9.9CVSS6.1AI score0.00083EPSS
Exploits0References4
cvelist
cvelist
added yesterday22 views

CVE-2026-44986 Penpot: Pre-authenticated account takeover via team-invitation token + prepare-register-profile

Penpot is an open-source design tool for design and code collaboration. Prior to 2.14.5, Penpot exposed teamsinvitations.clj invitation tokens from create-team-invitations, embedded an existing profile id in auth.clj prepare-register-profile, and had auth.clj register-profile issue a session base...

9.9CVSS0.00083EPSS
Exploits0References4
nvd
nvd
added yesterday9 views

CVE-2026-61451

The Grav API plugin grav-plugin-api before 1.0.4 does not validate the origin of the client-supplied adminbaseurl field in the POST /api/v1/auth/forgot-password endpoint. The sanitizeHttpUrl function only checks that the URL scheme is http/https and never verifies the host against the server's ow...

9.6CVSS
Exploits0References2
nvd
nvd
added yesterday3 views

CVE-2026-56398

Open WebUI before 0.9.5 contains a stored cross-site scripting vulnerability in the OAuth authentication flow where the picture claim URL MIME type is inferred from file extension rather than Content-Type header, allowing SVG files to bypass the profile image validator and be stored as data URIs...

8.5CVSS
Exploits0References2
euvd
euvd
added yesterday5 views

EUVD-2026-44632

phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in the user/add API endpoint that allows non-SuperAdmin administrators to create SuperAdmin accounts. A delegated administrator with USERADD/EDIT/DELETE permissions can call POST /admin/api/user/add with isSuperAdmin: true and...

8.8CVSS6.1AI score
Exploits0References2
euvd
euvd
added yesterday6 views

EUVD-2026-44628

Open WebUI before 0.9.5 contains a stored cross-site scripting vulnerability in the OAuth authentication flow where the picture claim URL MIME type is inferred from file extension rather than Content-Type header, allowing SVG files to bypass the profile image validator and be stored as data URIs...

8.5CVSS6.2AI score
Exploits0References2
nvd
nvd
added yesterday7 views

CVE-2026-58077

The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS. A specially crafted unauthenticated request may result in website takeover under some circumstances...

8.7CVSS0.00418EPSS
Exploits0References1
attackerkb
attackerkb
added yesterday2 views

CVE-2026-58077

The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS. A specially crafted unauthenticated request may result in website takeover under some circumstances...

8.7CVSS6.1AI score0.00418EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added yesterday4 views

CVE-2026-58077 Joomla Extension - weeblr.com - Unauthenticated stored XSS in 4Analytics < 5.0.2

The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS. A specially crafted unauthenticated request may result in website takeover under some circumstances...

8.7CVSS6.1AI score0.00418EPSS
Exploits0References1
nuclei
nuclei
added yesterday37 views

WordPress Stacks Mobile App Builder <=5.2.3 - Authentication Bypass

Stacks Mobile App Builder WordPress plugin ≤ 5.2.3 suffers from an authentication bypass vulnerability via improper handling of query parameters, allowing attackers to impersonate arbitrary users. id: CVE-2024-50477 info: name: WordPress Stacks Mobile App Builder =5.2.3 - Authentication Bypass...

9.8CVSS6.2AI score0.07959EPSS
Exploits3References4
Rows per page
Query Builder