
149 matches found

CVE
added 7 hours ago, 7 views

CVE-2026-9709

The CVE concerns the premium Cornerstone WordPress page builder (bundled with X Theme) prior to version 7.8.9. A REST API route fails to enforce capability checks, allowing any authenticated user to disclose other users’ metadata, including roles, session token previews, and stored billing/shippi...

5.8 AI score
Exploits: 0, References: 1
Nuclei
added 9 hours ago, 23 views

Rank Math SEO < 1.0.229 - Unauthenticated User and Term Metadata Insert/Update/Deletion

Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress contains a missing capability check on 'updatemetadata' in all versions up to 1.0.228, letting unauthenticated attackers insert, update, or delete metadata, including user and term metadata, potentially causing loss of...

6.5 CVSS, 5.8 AI score, 0.02045 EPSS
Exploits: 0, References: 5
Vulnrichment
added 2026/06/09 11:54 p.m., 6 views

CVE-2026-46546 Frappe LMS: HTML injection in user-controlled metadata

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to version 2.53.0, an authenticated user could supply specially crafted content in certain user-editable fields that, when surfaced in page metadata, caused visitors' browsers to navigate to...

2.1 CVSS, 5.3 AI score, 0.00234 EPSS
Exploits: 0, References: 1
CNNVD
added 2026/06/04 12:0 a.m., 3 views

MISP Security Vulnerability

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions for analyzing threats to network security and malware analysis. MISP has a security vulnerability that...

5.3 CVSS, 5.3 AI score, 0.00176 EPSS
Exploits: 0, References: 1
CNNVD
added 2026/04/23 12:0 a.m., 8 views

hackage-server Cross-Site Scripting Vulnerability

hackage-server is an open-source Haskell software package repository server. hackage-server has a cross-site scripting vulnerability, which stems from improperly sanitized user-controlled metadata. This vulnerability may lead to stored cross-site scripting attacks...

9.9 CVSS, 5.6 AI score, 0.00303 EPSS
Exploits: 0, References: 1
EUVD
added 2026/04/09 4:7 p.m., 20 views

EUVD-2026-20950

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, the PATCH /files/id endpoint accepts a user-controlled filenamedisk parameter. By setting this value to match the storage path of another user's file, an attacker can overwrite that file's content...

8.5 CVSS, 5.9 AI score, 0.00204 EPSS
Exploits: 0, References: 2
ATTACKERKB
added 2026/03/21 3:26 a.m., 3 views

CVE-2026-3460

The REST API TO MiniProgram plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.2. This is due to the permission callback updateuserwechatshopinfopermissionscheck only validating that the supplied 'openid' parameter corresponds to an...

5.3 CVSS, 5.9 AI score, 0.00324 EPSS
Exploits: 0, References: 8
Packet Storm
added 2026/02/27 12:0 a.m., 136 views

WordPress RestroPress Online Food Ordering System 3.1.9.2 Disclosure Scanner

WordPress RestroPress Online Food Ordering System plugin version 3.1.9.2 user metadata exposure scanner.

9.8 CVSS, 5.9 AI score, 0.02229 EPSS
Exploits: 6
CNNVD
added 2026/02/08 12:0 a.m., 5 views

WordPress plugin JAY Login & Register Security Vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8 CVSS, 6 AI score, 0.0031 EPSS
Exploits: 0, References: 3
CNNVD
added 2026/02/08 12:0 a.m., 5 views

WordPress plugin JAY Login & Register Security Vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The WordPres...

9.8 CVSS, 5.9 AI score, 0.00412 EPSS
Exploits: 0, References: 3
RedhatCVE
added 2026/01/09 12:14 p.m., 3 views

CVE-2018-9377

In getIntentForIntentSender of ActivityManagerService.java, there is a possible way to access user metadata due to a pending intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4 CVSS, 6.8 AI score, 0.00091 EPSS
Exploits: 0, References: 1
NVD
added 2025/12/21 3:15 a.m., 9 views

CVE-2025-12980

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the '/ultp/v2/getdynamiccontent/' REST API endpoint in all versions up to, and including, 5.0.3. This makes it possible...

7.5 CVSS, 0.00277 EPSS
Exploits: 0, References: 2
CNNVD
added 2025/12/21 12:0 a.m., 2 views

WordPress plugin Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. WordPress plugin Post...

7.5 CVSS, 6.4 AI score, 0.00277 EPSS
Exploits: 0, References: 3
NVD
added 2025/12/13 4:16 p.m., 4 views

CVE-2025-12512

The GenerateBlocks plugin for WordPress is vulnerable to information exposure due to missing object-level authorization checks in versions up to, and including, 2.1.2. This is due to the plugin registering multiple REST API routes under generateblocks/v1/meta/ that gate access with...

4.3 CVSS, 0.00336 EPSS
Exploits: 0, References: 5
CVE
added 2025/12/13 3:20 a.m., 13 views

CVE-2025-12512

CVE-2025-12512 (GenerateBlocks, WordPress): Information exposure due to missing object-level authorization on REST endpoints exposed by generateblocks/v1/meta/. Authenticated users with Contributor+ can query arbitrary user/post meta and key data via get_user_meta_rest, exposing PII such as name...

4.3 CVSS, 5.3 AI score, 0.00336 EPSS
Exploits: 0, References: 5
Vulnrichment
added 2025/11/26 5:39 p.m., 3 views

CVE-2025-13084 Opto 22 groov View Exposure of Sensitive Information Through Metadata

The users endpoint in the groov View API returns a list of all users and associated metadata including their API keys. This endpoint requires an Editor role to access and will display API keys for all users, including Administrators...

7.6 CVSS, 6.4 AI score, 0.00231 EPSS
Exploits: 0, References: 3
RedhatCVE
added 2025/11/21 5:31 a.m., 5 views

CVE-2025-12778

The Ultimate Member Widgets for Elementor – WordPress User Directory plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handlefilterusers function in all versions up to, and including, 2.3. This makes it possible for unauthenticated attacker...

5.3 CVSS, 5.2 AI score, 0.00208 EPSS
Exploits: 0, References: 1
NVD
added 2025/11/20 3:17 p.m., 6 views

CVE-2025-12778

The Ultimate Member Widgets for Elementor – WordPress User Directory plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handlefilterusers function in all versions up to, and including, 2.3. This makes it possible for unauthenticated attacker...

5.3 CVSS, 0.00208 EPSS
Exploits: 0, References: 2
Vulnrichment
added 2025/11/20 4:37 a.m., 1 views

CVE-2025-12778 Ultimate Member Widgets for Elementor <= 2.3 - Missing Authorization to Unauthenticated Information Exposure

The Ultimate Member Widgets for Elementor – WordPress User Directory plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handlefilterusers function in all versions up to, and including, 2.3. This makes it possible for unauthenticated attacker...

5.3 CVSS, 4.9 AI score, 0.00208 EPSS
Exploits: 0, References: 2
CVE
added 2025/11/20 4:37 a.m., 17 views

CVE-2025-12778

The CVE-2025-12778 vulnerability affects the Ultimate Member Widgets for Elementor – WordPress User Directory plugin. It arises from a missing capability check in handle_filter_users, affecting all versions up to and including 2.3, allowing unauthenticated attackers to read partial user metadata ...

5.3 CVSS, 4.9 AI score, 0.00208 EPSS
Exploits: 0, References: 2