3 matches found
CVE-2026-23549
CVE-2026-23549 is a PHP Object Injection (deserialization) vulnerability in the WordPress plugin WpEvently mage-eventpress (affected:
WordPress Userpro Plugin <= 5.1.1 is vulnerable to Broken Access Control
Software Userpro Type Plugin Vulnerable versions = 5.1.1 Fixed in 5.1.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6007 Patch priority Low CVSS severity Low 7.3 Developer Claim ownership PSID e8ac26fc5935 Credits István Márton Required privilege...
WordPress Advanced File Manager Plugin < 5.1.1 is vulnerable to Sensitive Data Exposure
Software Advanced File Manager Type Plugin Vulnerable versions 5.1.1 Fixed in 5.1.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-3814 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID c11d3f659c9c Credits Dmitrii Required...