147 matches found
CVE-2026-54891
A flaw was found in Erlang's SSL Secure Sockets Layer component. A network-positioned attacker can exploit this vulnerability by injecting unauthenticated plaintext data into a client's TLS Transport Layer Security handshake. The client application may then process this injected data as if it wer...
WordPress LatePoint – Calendar Booking Plugin for Appointments and Events plugin <= 5.6.1 - Missing Authorization to Unauthenticated Arbitrary Customer Data Modification vulnerability
Missing Authorization to Unauthenticated Arbitrary Customer Data Modification vulnerability discovered by hhhai in WordPress Plugin LatePoint versions = 5.6.1...
CVE-2026-54891
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...
UBUNTU-CVE-2026-54891
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...
CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...
EUVD-2026-41415
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...
EEF-CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl
Summary Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tls\gen\connection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server...
CVE-2026-54891
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...
CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...
WordPress Kirki – Freeform Page Builder, Website Builder & Customizer plugin <= 6.0.11 - Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability discovered by Jagadesh Achanta - Independent in WordPress Plugin Kirki versions = 6.0.11...
CVE-2026-57633
Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...
EUVD-2026-39749
Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...
CVE-2026-56060 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 7.1.1 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...
CVE-2026-52696
Unauthenticated Sensitive Data Exposure in JetBlog = 2.4.8 versions...
CVE-2026-34888
Unauthenticated Sensitive Data Exposure in Bricksforge = 3.1.8.4 versions...
CVE-2026-52694
Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce = 2.0 versions...
CVE-2026-49056
Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...
CVE-2026-42667
Unauthenticated Sensitive Data Exposure in Bookly = 27.4 versions...
CVE-2026-40789
Unauthenticated Sensitive Data Exposure in Amelia = 2.2 versions...
CVE-2026-52695 WordPress ABC Crypto Checkout plugin <= 1.8.2 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout = 1.8.2 versions...