2 matches found
CVE-2026-22448
PitchPrint WordPress plugin (flexcubed PitchPrint) <= 11.1.2 is reported to have an improper pathname restriction (path traversal) vulnerability that enables unauthenticated deletion of arbitrary files. The CVE entry CVE-2026-22448 and related Red Hat/ENISA/CVE references confirm affected vers...
CVE-2026-27214
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires...