49 matches found
SUSE CVE-2026-53188
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...
PT-2026-52284
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA core where the ib get ucaps function fails to properly validate the passed-in file operations fops. Because character and block devices can share the same dev...
CVE-2026-9018 Easy Elements for Elementor – Addons & Website Templates <= 1.4.5 - Unauthenticated Privilege Escalation via 'custom_meta' Parameter
The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.5 via the easyelhandleregister function. This is due to the wpajaxnopriveelregister AJAX handler iterating the attacker-controlled...
CVE-2025-12157
The Simple User Capabilities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxnoprivresetcapability' AJAX endpoint in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to reset any...
CVE-2025-12158
The Simple User Capabilities plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the sucsubmitcapabilities function in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to elevate the role of any user account t...
WordPress Simple User Capabilities plugin <= 1.0 - Missing Authorization to Unauthenticated Capability Reset vulnerability
Missing Authorization to Unauthenticated Capability Reset vulnerability discovered by D01EXPLOIT OFFICIAL in WordPress Plugin Simple User Capabilities versions = 1.0...
CVE-2025-12158 Simple User Capabilities <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
The Simple User Capabilities plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the sucsubmitcapabilities function in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to elevate the role of any user account t...
CVE-2025-12158
CVE-2025-12158 affects WordPress plugin Simple User Capabilities. Wordfence reports a missing authorization check in suc_submit_capabilities() across versions up to 1.0, enabling unauthenticated attackers to elevate any user to administrator. CVSSv3.1 is rated 9.8 (Critical); exploitation is list...
CVE-2025-12157
CVE-2025-12157 concerns the WordPress plugin Simple User Capabilities . The connected documents confirm an unauthenticated modification risk due to a missing permission check on the AJAX endpoint wp_ajax_nopriv_reset_capability , affecting versions up to and including 1.0 . This can allow an unau...
CVE-2025-12157 Simple User Capabilities <= 1.0 - Missing Authorization to Unauthenticated Capability Reset
The Simple User Capabilities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxnoprivresetcapability' AJAX endpoint in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to reset any...
WordPress plugin Simple User Capabilities 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
WordPress plugin Simple User Capabilities 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2018-3656
Malware in sbrugna...
EUVD-2024-47515
Malicious code in bioql PyPI...
EUVD-2022-5264
Malicious code in bioql PyPI...
EUVD-2022-43170
Malicious code in bioql PyPI...
EUVD-2024-49550
Malicious code in bioql PyPI...
EUVD-2023-59034
Malicious code in bioql PyPI...
EUVD-2024-48514
Malicious code in bioql PyPI...
EUVD-2025-4857
Malicious code in bioql PyPI...