EUVD-2026-32738

The 3D Viewer – 3D Model Viewer – Augmented Reality – Virtual Try On plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

CVE-2026-8682 3D Viewer <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Modification via settings REST endpoint

The 3D Viewer – 3D Model Viewer – Augmented Reality – Virtual Try On plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

EUVD-2026-22885

Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D viewer – Embed 3D Models: from n/a through = 1.8.5...

CVE-2026-40729

Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D viewer – Embed 3D Models: from n/a through = 1.8.5...

CVE-2026-40729 WordPress 3D viewer – Embed 3D Models plugin <= 1.8.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D viewer – Embed 3D Models: from n/a through = 1.8.5...

CVE-2026-40729

CVE-2026-40729 affects the WordPress plugin “bPlugins 3D viewer – Embed 3D Models” 1.8.5) as recommended by PT-2026-33040. No exploitation details are present in the connected documents beyond the general vulnerability description. Monitor for updates and vendor advisories for any confirmed expl...

CVE-2026-40729 WordPress 3D viewer – Embed 3D Models plugin <= 1.8.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in bPlugins 3D viewer – Embed 3D Models 3d-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D viewer – Embed 3D Models: from n/a through = 1.8.5...

PT-2026-33040

Name of the Vulnerable Software and Affected Versions bPlugins 3D viewer – Embed 3D Models versions prior to 1.8.6 Description Incorrectly configured access control security levels lead to a missing authorization issue, allowing for the exploitation of security levels. Recommendations Update to a...

WordPress plugin 3D viewer – Embed 3D Models 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

CVE-2025-59332

3DAlloy is a lightWeight 3D-viewer for MediaWiki. From 1.0 through 1.8, the parser tag and the 3d parser function allow users to provide custom attributes that are then appended to the canvas HTML element that is being output by the extension. The attributes are not sanitized, which means that...

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to reading data beyond the buffer in memory, allows attackers to gain unauthorized access to protected information.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to writing beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the ability to write data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow attackers to execute arbitrary code...

The vulnerability of the 3D viewing tool JT and JT2Go lies in the overflow of buffers in the stack, allowing attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and JT2Go is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Teamcenter Visualization lifecycle management system and the 3D JT/JT2Go viewer tool relates to buffer overflow in the stack. This allows an attacker to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the 3D JT/JT2Go viewer tool is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially created XML files...

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to operations occurring outside the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the execution of operations beyond the buffer in memory when processing CGM format files. Exploiting this vulnerability can allow attackers to execute arbitrary code...

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to operations occurring outside the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the execution of operations beyond the buffer in memory when processing CGM format files. Exploiting this vulnerability can allow attackers to execute arbitrary code...

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to buffer overflow in the stack, allows a attacker to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization product lifecycle management system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created WRL file...

The vulnerability of the 3D viewing tool JT and JT2Go, as well as the Teamcenter Visualization lifecycle management system, relates to buffer overflow in dynamic memory. This vulnerability allows attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created WRL file...

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the use of memory after it is released. This allows a perpetrator to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization product lifecycle management system lies in the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created WRL file...

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to access to resources through incompatible types, allows attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the access to resources through incompatible types. Exploiting this vulnerability allows attackers to execute arbitrary code using a specially created WRL file...