CVE-2026-14181 @fastify/middie standalone engine vulnerable to Denial of Service via malformed percent-encoded paths
@fastify/middie versions 9.1.0 through 9.3.2 fail to guard the URL normalization step used by the standalone engine when incoming request paths contain malformed percent-encoded sequences. Inputs such as an incomplete percent escape or a truncated multibyte sequence cause the underlying decoder t...
CVE-2026-14198 @fastify/middie vulnerable to authorization bypass via encoded slash in path parameter values
@fastify/middie versions 9.1.0 through 9.3.2 decode the encoded slash %2F inside path parameter values before matching middleware paths, while Fastify's underlying router preserves the encoding during route lookup. The two layers disagree on the canonical request path, so the middleware fails to...
CVE-2026-13323
In Open VSX Registry before 1.0.2, the /vscode/unpkg/ endpoint serves user-supplied HTML files with Content-Type: text/html and without a Content-Security-Policy or Content-Disposition: attachment response header. An unauthenticated attacker can register a publisher account, upload a VSIX...
CVE-2026-48316
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...
CVE-2026-13228
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation to Administrator in versions up to, and including, 5.6.3. This is due to an Insecure Direct Object Reference (IDOR) in the createorupdate function of OsOrdersController, whi...
CVE-2026-12142
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'name' Array Parameter in all versions up to, and including, 9.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2026-10095
The WP Photo Album Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'subtext' parameter in all versions up to, and including, 9.1.13.005 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-14258
A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser ...
CVE-2026-27435
Missing Authorization vulnerability in WofficeIO Woffice allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Woffice: from n/a before 5.4.33...
CVE-2026-51923
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...
CVE-2026-51924
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...
CVE-2026-51926
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...
CVE-2026-12754
The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'layoutstyle' parameter in all versions up to, and including, 1.8.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2026-13454
The MotoPress Appointment Booking plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all versions up to, and including, 2.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2026-10538
This CVE affects Control-M components (Control-M/Server and Control-M/Enterprise Manager) with a deserialization vulnerability in the messaging consumer. The issue arises from deserializing user-controlled data without strict control of allowed object types in versions 9.0.20.x and potentially ea...
CVE-2026-10539
The vulnerability CVE-2026-10539 affects Control-M/Server versions 9.0.20.x through 9.0.21.200 (and potentially earlier unsupported versions). It is caused by insufficient filtering/sanitization of user-supplied input in a Control-M/Server communication command, which could allow an unauthenticat...
CVE-2026-12158
The CVE pertains to the WordPress plugin RegistrationMagic – User Registration Forms Plugin, vulnerable to Cross-Site Request Forgery up to version 6.0.9.1 due to missing/incorrect nonce validation in process_request. This allows unauthenticated attackers to escalate a form submitter’s privileges...
CVE-2026-13733
The CVE-2026-13733 entry affects the WordPress Download Manager plugin (versions up to 3.3.60). A Stored Cross-Site Scripting flaw exists in the no_data_msg shortcode attribute due to insufficient input sanitization and output escaping. This allows authenticated attackers with contributor-level a...
CVE-2026-10096
The Qi Blocks WordPress plugin is vulnerable to Insecure Direct Object Reference in all versions up to and including 1.4.9 via the page_id parameter. Authenticated users with author-level access can modify stored Qi Blocks styles on arbitrary posts, templates, or widgets, including site-wide surf...
CVE-2026-12408
The CVE-2026-12408 entry concerns the WordPress plugin Slim SEO (versions up to and including 4.9.8). The vulnerability arises from the REST endpoint /wp-json/slim-seo/meta-tags/ai: the permission_callback only checks a top-level edit_posts capability and does not verify that the requester can re...
CVE-2026-11387
The CVE concerns the WordPress plugin SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery (versions up to 3.9.5). The vulnerability allows unauthenticated privilege escalation via account takeover by exploiting flawed identity validation before updating user detai...
CVE-2026-12435
The Motors – Car Dealership & Classified Listings Plugin for WordPress is affected up to version 1.4.111 by an authorization bypass. An authenticated user with subscriber-level access can mark or unmark another user’s car listing as Sold by replaying a valid nonce from their own listing against a...
CVE-2026-12732
CVE-2026-12732 concerns the LearnPress WordPress plugin (versions <= 4.4.0). The vulnerability is a Stored Cross-Site Scripting (XSS) via the shortcode attribute class_wrapper_form. Root cause: insufficient input sanitization and output escaping in FilterCourseTemplate::sections(), where att...
CVE-2026-10540
CVE-2026-10540 affects Control-M/Enterprise Manager (unsupported versions 9.0.20.x and potentially earlier). The vulnerability stems from weak protections for stored password hashes, potentially allowing offline password recovery if credential data is obtained. The CVSS metrics indicate a Local a...
CVE-2026-12577
CVE-2026-12577 affects DVP80ES3 and is due to an improperly implemented security check for a standard vulnerability. The NVD entry lists a CVSS v4.0 base score of 8.7 (HIGH): network attack vector, low attack complexity, no user interaction required. Impacts: availability HIGH, confidentiality/in...
CVE-2026-12576
Technical details about CVE-2026-12576 are not publicly available in the provided documents. Monitor for updates from official sources for affected components, impact, and remediation information.
CVE-2026-12575
Technical details for CVE-2026-12575 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-50043
SkyBridge MB-A100/MB-A110 are affected by CVE-2026-50043: improper neutralization of special elements used in an OS command (OS Command Injection). If an attacker can log in with administrative privileges, arbitrary OS commands may be executed. The connected documents do not specify a patch or wo...
CVE-2026-12224
The CVE-2026-12224 entry concerns the Dokan Pro plugin for WordPress. The vulnerability arises in the update_capabilities REST endpoint, which accepts arbitrary capability strings from the request body and passes them to WP_User::add_cap() without allowlist validation, with only the caller’s doka...
CVE-2026-56016
CGI::Session::ID::md5 (Perl) before 4.49 generates session IDs from an MD5 digest of the process ID, epoch time, and Perl's rand(), all low-entropy/predictable sources. An attacker who predicts a session ID can impersonate the session and bypass authentication. Remediation: upgrade to CGI::Session...
CVE-2026-11880
The Fluent Forms WordPress plugin before 6.2.1 does not properly verify ownership before processing a subscription cancellation request, allowing authenticated users with a low-privilege account to cancel subscriptions belonging to other users...
CVE-2026-11794
The Advanced Form Integration — Connect Forms to 200+ Apps WordPress plugin before 2.1.1 does not restrict the WordPress role assigned when it creates a user from a public form submission, allowing unauthenticated visitors to create an administrator account when an active integration maps the use...
CVE-2026-11570
The User Submitted Posts WordPress plugin before 20260608 does not escape a submitted value before outputting it in an admin-configured display template, leading to a Stored Cross-Site Scripting that can be triggered by unauthenticated users when a non-default display option is enabled...
CVE-2026-11568
The Product Configurator for WooCommerce WordPress plugin before 1.7.3 does not perform any authorisation or post-status check before returning WooCommerce product data through a public AJAX action, allowing unauthenticated users to retrieve the data title, price, weight, stock status, and...
CVE-2026-11883
The WebAuthn Provider for Two Factor WordPress plugin before 2.5.6 does not correctly validate the second-factor authentication response, allowing an attacker who already knows a user's password to bypass the two-factor authentication requirement by submitting a malformed request...
CVE-2026-11887
The Salon Booking System WordPress plugin before 10.30.20 does not have proper authorisation checks on one of its AJAX actions, allowing any authenticated user, such as a subscriber, to modify a plugin setting and bypass the manual approval of new...
CVE-2026-10750
The Royal MCP WordPress plugin before 1.4.26 does not perform capability checks on the majority of its MCP tools after token authentication, allowing authenticated users with a low-privileged role such as Subscriber to read private content, enumerate all users and their roles, and create, modify,...
CVE-2026-11562
The WS Form LITE WordPress plugin before 1.11.8 does not have a capability check on one of its settings-update actions, allowing authenticated users with subscriber-level access and above to modify the plugin's settings...
CVE-2025-15666
Open Asset Import Library Assimp (up to 5.4.3) contains a heap-based buffer overflow in Assimp::SceneCombiner::Copy (file code/Common/SceneCombiner.cpp) caused by manipulation of the width/height argument. Local attack required; exploit disclosed publicly (CVSS metrics indicate PoC maturity). No ...
CVE-2026-1239
The CVE-2026-1239 entry concerns the WordPress plugin Ninja Forms – The Contact Form Builder That Grows With You. A missing authorization check on the REST callback ninja-forms-views/token/refresh affects all versions up to and including 3.14.1, permitting unauthenticated attackers to view form s...
CVE-2026-11823
The CVE-2026-11823 entry concerns the BookingPress Appointment Booking Pro plugin for WordPress, affected up to version 5.7.1. The vulnerability is a SQL Injection via the store_service_date parameter of the bpa_assign_staffmember_to_slots() function. Root cause: user-supplied POST data is passed...
CVE-2026-14193
The vulnerability CVE-2026-14193 affects the DVP80ES300T device and is described as an Improper Validation of Array Index vulnerability. In the provided data, the CVSS v3.1 base score is 7.5 (HIGH), with Network attack vector, no privileges required, no user interaction, and availability impact...
CVE-2026-12579
Technical details (affected products, root cause, remediation) are not publicly available in the provided documents. Monitor for updates from vendors and CVE/NVD entries.
CVE-2026-11380
The CVE-2026-11380 entry concerns the WordPress plugin JetWidgets For Elementor. Affected: JetWidgets For Elementor (WordPress) versions up to and including 1.0.21. Vulnerability: Stored Cross-Site Scripting due to insufficient output escaping and missing server-side validation of the Animated Bo...
CVE-2026-11988
CVE-2026-11988 affects LearnPress
CVE-2026-6070
The WP-BusinessDirectory WordPress plugin (versions up to and including 4.0.1) is vulnerable to unauthenticated arbitrary file deletion via path traversal. The issue stems from insufficient path validation in the remove() method of JBusinessDirectoryControllerUpload. The task=upload.remove endpoi...
CVE-2026-12127
WPForms – Easy Form Builder for WordPress (WordPress plugin WPForms Lite) versions up to 1.10.2 are vulnerable to CRLF header injection in outgoing notification emails. The root cause is improper neutralization of CRLF sequences: get_reply_to_address() expands the Reply-To display name with conte...
CVE-2026-2387
The CVE-2026-2387 entry concerns the WordPress Event Organiser plugin (versions up to and including 3.12.9). The vulnerability is a Stored Cross-Site Scripting flaw in the eo_events shortcode: attacker-controlled no_events content is rendered in event list templates without output escaping, allow...
CVE-2026-12113
The WordPress plugin Appointment Booking Calendar (versions
CVE-2026-11981
The CVE-2026-11981 entry concerns the WordPress GiveWP plugin (affected: versions up to 4.15.3) with a Cross-Site Request Forgery vulnerability due to missing nonce validation in give_set_notification_status_handler(). This allows unauthenticated attackers to disable donation email notifications ...