198 matches found
Zendesk Help Center by BestWebSoft < 1.0.5 - Cross-Site Scripting
The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues. id: CVE-2017-18542 info: name: Zendesk Help Center by BestWebSoft 1.0.5 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The zendesk-help-center plugin before 1.0.5 for WordPress has...
CVE-2026-49105
Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms = 1.1.4 versions...
CVE-2026-49105 WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms = 1.1.4 versions...
CVE-2026-49105 WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms = 1.1.4 versions...
EUVD-2026-36882
Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms = 1.1.4 versions...
PT-2026-49507
Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms = 1.1.4 versions...
WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Frissi0n in WordPress Plugin WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms versions = 1.1.4...
com.akamai.edgegrid:edgegrid-signer-async-http-client (>=6.0.1 <=6.0.3-rc.1), com.arpnetworking.metrics:mad-experimental (>=1.2.4 <=1.2.11) +66 more potentially affected by CVE-2026-40490 via org.asynchttpclient:async-http-client (>=3.0.0.Beta1 <=3.0.7)
org.asynchttpclient:async-http-client MAVEN version =3.0.0.Beta1, =6.0.1, =1.2.4, =1.22.5, =1.13.8, =1.1.0, =0.4.8, =0.4.8, =0.4.8, =1.17.0, =1.17.0, =1.17.0, =0.5.0, =2.7.3, =218.0.0, =14.5.0, =16.0.0 and more Source cves: CVE-2026-40490 Source advisory: OSV:GHSA-CMXV-58FP-FM3G...
BIT-DISCOURSE-2026-33291 Discourse user can create Zendesk tickets even when it does not have access to topic
Discourse is an open-source discussion platform. Prior to versions 2026.3.0, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This affects all forums that use the Zendesk plugin. Versions 2026.3.0, 2026.2.1, and 2026.1.2 contain a patch. No...
CVE-2026-33291
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This affects all forums that use the Zendesk plugin. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2...
CVE-2026-33291
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This affects all forums that use the Zendesk plugin. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2...
CVE-2026-33291
The CVE concerns Discourse (with the Zendesk plugin) where moderators can create Zendesk tickets for topics they are not allowed to view. Affected versions are prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2. The published fixes are included in 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, respec...
CVE-2026-33291
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This affects all forums that use the Zendesk plugin. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2...
CVE-2026-33291 Discourse user can create Zendesk tickets even when it does not have access to topic
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This affects all forums that use the Zendesk plugin. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2...
CVE-2026-33291 Discourse user can create Zendesk tickets even when it does not have access to topic
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This affects all forums that use the Zendesk plugin. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2...
EUVD-2026-13896
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This affects all forums that use the Zendesk plugin. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2...
CVE-2026-33291 Discourse user can create Zendesk tickets even when it does not have access to topic
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This affects all forums that use the Zendesk plugin. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2...
Discourse 安全漏洞
Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Versions of Discourse prior to 2026.3.0-latest.1, as well as versions before 2026.2.1 and 2026.1.2, have security...
PT-2026-26704
Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.3.0-latest.1 Discourse versions prior to 2026.2.1 Discourse versions prior to 2026.1.2 Description Discourse is an open-source discussion platform. Moderators can create Zendesk tickets for topics they do not...
CVE-2026-2568
The WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form submission data in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping. This makes it possib...