Lucene search
K

6 matches found

NVD
NVD
added 2026/06/06 12:16 a.m.15 views

CVE-2026-10038

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Insecure Direct Object Reference / Authorization Bypass leading to Arbitrary Attachment Deletion in versions up to, and including, 1.8.11.1 via the profile avatar...

4.3CVSS0.00285EPSS
Exploits0References12
CVE
CVE
added 2026/06/05 11:28 p.m.24 views

CVE-2026-10038

The Charitable – Donation Plugin for WordPress (Charitable) up to version 1.8.11.1 is affected by an Insecure Direct Object Reference/Authorization Bypass that enables Arbitrary Attachment Deletion via the profile avatar update flow. The issue stems from save_avatar() calling wp_delete_attachment...

4.3CVSS5.6AI score0.00285EPSS
Exploits0References12
Patchstack
Patchstack
added 2026/06/05 10:28 a.m.8 views

WordPress Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin <= 1.8.11.1 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Attachment Deletion vulnerability

Authenticated Subscriber+ Insecure Direct Object Reference to Arbitrary Attachment Deletion vulnerability discovered by Khanh Nguyen - BlueRock in WordPress Plugin Charitable versions = 1.8.11.1...

4.3CVSS5.5AI score0.00285EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2012/06/19 12:0 a.m.24 views

Asterisk SIP Channel Driver DoS Vulnerability

Asterisk is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 NopSec Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE = "cpe:/a:digium:asterisk";...

6.5CVSS6.2AI score0.0219EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/05/04 12:0 a.m.40 views

Fedora 16 : asterisk-1.8.11.1-1.fc16 (2012-6612)

The Asterisk Development Team has announced security releases for Asterisk 1.6.2, 1.8, and 10. The available security releases are released as versions 1.6.2.24, 1.8.11.1, and 10.3.1. These releases are available for immediate download at...

7.5CVSS6.1AI score0.16391EPSS
Exploits0References18
OSV
OSV
added 2012/04/30 8:55 p.m.2 views

DEBIAN-CVE-2012-2415

Heap-based buffer overflow in chanskinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 allows remote authenticated users to cause a denial of service or possibly have unspecified other impact via a series of...

6.5CVSS7.8AI score0.02721EPSS
Exploits0References1
Rows per page
Query Builder