Lucene search
K

4 matches found

NVD
NVD
added 2026/06/19 6:17 a.m.10 views

CVE-2026-10034

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.39. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to supply an...

5.3CVSS0.00385EPSS
Exploits0References12
Cvelist
Cvelist
added 2026/06/19 4:31 a.m.30 views

CVE-2026-10034 WP DSGVO Tools (GDPR) <= 3.1.39 - Missing Authorization to Unauthenticated Sensitive Personal Data Disclosure via subject-access-request AJAX Endpoint (process_now/is_ajax Parameters)

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.39. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to supply an...

5.3CVSS0.00385EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/03/25 12:25 a.m.4 views

SUSE CVE-2026-30933

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, the remediation for CVE-2026-27611 is incomplete. Password protected shares still disclose tokenized downloadURL via /public/api/share/info. This vulnerability is fixed in 1.3.1-beta and...

7.5CVSS5.8AI score0.00544EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/10 4:10 p.m.32 views

CVE-2026-30933 FileBrowser Quantum Incomplete Remediation of CVE-2026-27611: Password-Protected Share Bypass via /public/api/share/info

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, the remediation for CVE-2026-27611 is incomplete. Password protected shares still disclose tokenized downloadURL via /public/api/share/info. This vulnerability is fixed in 1.3.1-beta and...

7.5CVSS0.00544EPSS
Exploits1References3
Rows per page
Query Builder