Lucene search
K

363781 matches found

NVD
NVD
added 2026/06/18 8:16 a.m.15 views

CVE-2026-55745

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the Personal File Storage PFS module. In modules/pfs/inc/pfs.editfolder.php, the folder update action 'a=update' updates folder metadata title, description, public/gallery flags without calling cotcheckxg ...

5.4CVSS0.00116EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 8:16 a.m.10 views

CVE-2026-28573

In AndroidManifest.xml, there is a possible persistent denial of service due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00138EPSS
Exploits0References1
NVD
NVD
added 2026/06/18 8:16 a.m.13 views

CVE-2026-55741

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the administration configuration handler. In system/admin/admin.config.php, the configuration update action 'a=update' processes POST data via cotconfigupdateoptions without calling cotcheckxg to validate...

8.8CVSS0.00176EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 8:16 a.m.11 views

CVE-2026-12111

The Appointment Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.4.01. This is due to insufficient authorization and missing per-calendar ownership checks in the cpabcappointmentscalendarload2 function, which is reachable vi...

4.3CVSS0.00285EPSS
Exploits0References10
NVD
NVD
added 2026/06/18 8:16 a.m.12 views

CVE-2026-12136

The Customize My Account For Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sysbasicsuseravatar' shortcode in versions up to, and including, 4.3.6. This is due to insufficient input sanitization and output escaping on user supplied attributes minheight,...

6.4CVSS0.00193EPSS
Exploits0References5
NVD
NVD
added 2026/06/18 8:16 a.m.13 views

CVE-2026-12098

The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'embed' Episode Meta Field in all versions up to, and including, 11.16.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS0.00202EPSS
Exploits0References8
NVD
NVD
added 2026/06/18 8:16 a.m.10 views

CVE-2026-12102

The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.63 via the 'userid' parameter due to missing validation on a user controlled key...

2.7CVSS0.0028EPSS
Exploits0References12
NVD
NVD
added 2026/06/18 8:16 a.m.9 views

CVE-2026-12137

The SysBasics Customize My Account for WooCommerce – Dashboard, Endpoints, Avatar & Menu Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 4.3.6 due to insufficient input sanitization and output escaping. Thi...

6.1CVSS0.00211EPSS
Exploits0References4
NVD
NVD
added 2026/06/18 8:16 a.m.9 views

CVE-2026-11395

The CF7 to Webhook plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.0 via the pullthetrigger. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...

7.2CVSS0.00231EPSS
Exploits0References5
NVD
NVD
added 2026/06/18 6:16 a.m.13 views

CVE-2026-9860

The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cfimagesdosetup AJAX handler, which require...

8.8CVSS0.00577EPSS
Exploits0References6
NVD
NVD
added 2026/06/18 6:16 a.m.12 views

CVE-2026-9199

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

4.3CVSS0.00245EPSS
Exploits0References8
NVD
NVD
added 2026/06/18 6:16 a.m.12 views

CVE-2026-11777

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to generic SQL Injection via the 'name' parameter in all versions up to, and including, 1.15.43 due to insufficient escaping on the user supplied parameter and lack of sufficient...

4.9CVSS0.00355EPSS
Exploits0References10
NVD
NVD
added 2026/06/18 6:16 a.m.16 views

CVE-2026-11402

The Services Section Block – Showcase Service Details in Grid or Columns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'link' Block Attribute in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00212EPSS
Exploits0References4
NVD
NVD
added 2026/06/18 6:16 a.m.12 views

CVE-2026-55740

Nur-Alam39 bus-ticket no released versions; latest commit 459cabdbeb99c00225b26e46e3c2c30ae1de7bad contains an unauthenticated SQL injection vulnerability in businfo.php. The busid parameter received via HTTP POST is concatenated directly into a MySQL query select from businfo where id=$busid...

9.8CVSS0.00366EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 6:16 a.m.14 views

CVE-2026-11784

The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.6. This is due to missing or incorrect nonce validation on the replacefile function. This makes it...

4.3CVSS0.00157EPSS
Exploits1References6
NVD
NVD
added 2026/06/18 6:16 a.m.9 views

CVE-2026-12120

The FireBox Popups – Increase Sales and Grow Your Email List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.7 via the 'formid' parameter. This makes it possible for unauthenticated attackers to extract download a full CSV export of a...

5.3CVSS0.00331EPSS
Exploits0References10
NVD
NVD
added 2026/06/18 6:16 a.m.13 views

CVE-2026-12093

The Simple Membership plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.7.5. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to deactivate arbitra...

5.3CVSS0.00352EPSS
Exploits0References10
NVD
NVD
added 2026/06/18 6:16 a.m.16 views

CVE-2026-11776

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to generic SQL Injection via the 'groupids' parameter in all versions up to, and including, 1.15.43 due to insufficient escaping on the user supplied parameter and lack of sufficient...

4.9CVSS0.00355EPSS
Exploits0References10
NVD
NVD
added 2026/06/18 6:16 a.m.9 views

CVE-2026-10736

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to generic SQL Injection via the 'data' parameter in all versions up to, and including, 3.9.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

4.9CVSS0.00363EPSS
Exploits0References10
NVD
NVD
added 2026/06/18 6:16 a.m.11 views

CVE-2026-11360

The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to generic SQL Injection via the 'sortdirection' parameter in all versions up to, and including, 4.0.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

4.9CVSS0.00369EPSS
Exploits0References14
NVD
NVD
added 2026/06/18 6:16 a.m.16 views

CVE-2026-11358

The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping. This makes it...

4.4CVSS0.00203EPSS
Exploits0References6
NVD
NVD
added 2026/06/18 6:16 a.m.13 views

CVE-2026-10623

The PressPrimer Quiz – AI Quiz Maker, Exam Builder & LMS Assessment Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.3.0 via the 'ruleid' parameter due to missing validation on a user controlled key. This makes it possible for...

4.3CVSS0.0026EPSS
Exploits0References16
NVD
NVD
added 2026/06/18 6:16 a.m.13 views

CVE-2026-11357

The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.7.5 via the editorassetsvariables. This makes it possible for authenticated attackers, with contributor-level access and abov...

4.3CVSS0.00243EPSS
Exploits0References8
NVD
NVD
added 2026/06/18 6:16 a.m.13 views

CVE-2026-10029

The Event Koi Lite – Events Calendar, Event Management, RSVP, and Tickets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.13.1 via the getevents. This makes it possible for unauthenticated attackers to extract sensitive data including...

5.3CVSS0.0031EPSS
Exploits0References12
NVD
NVD
added 2026/06/18 4:16 a.m.16 views

CVE-2026-12505

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS0.0012EPSS
Exploits0References5
NVD
NVD
added 2026/06/18 4:16 a.m.14 views

CVE-2026-12407

The E2Pdf – Export Pdf Tool for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.32.26. This is due to the screenaction function lacking a dedicated capability check and nonce verification — when invoked via the ?action=screen routing path...

8.8CVSS0.00387EPSS
Exploits0References10
NVD
NVD
added 2026/06/18 4:16 a.m.12 views

CVE-2026-10023

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.3 via the changeorderstatus, addordernote, deleteordernote,...

4.3CVSS0.0025EPSS
Exploits0References10
NVD
NVD
added 2026/06/18 1:18 a.m.13 views

CVE-2026-12569

A critical remote code execution RCE vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This advisory also applies to all CPS versions The identified vulnerability also impacts Windchill and...

9.8CVSS0.01247EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 12:16 a.m.10 views

CVE-2026-48764

TypeBot is a chatbot builder tool. In versions prior to 3.17.2, SSRF validation is implemented by resolving a hostname once and checking whether the resolved IP belongs to a forbidden range allowing for DNS rebinding bypass. The root cause is a time-of-check to time-of-use gap in the SSRF guard...

8.2CVSS0.00271EPSS
Exploits0References3
NVD
NVD
added 2026/06/18 12:16 a.m.12 views

CVE-2026-48768

TypeBot is a chatbot builder tool. In versions 3.16.1 and earlier, POST /api/blocks/file-input/v3/generate-upload-url is unauthenticated and uses unsanitized fileName input to construct public/ S3 object keys, while issuing presigned PUT URLs that do not bind Content-Type. As a result, any...

9.3CVSS0.00268EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 11:17 p.m.9 views

CVE-2026-54445

vantage6 is an open-source infrastructure for privacy preserving analysis. Versions prior to 5.0.0 provide an initial user with username root and password root. This is not ideal because attackers know that almost all vantage6 servers have a user with username root that probably has admin rights,...

6.9CVSS0.00292EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 11:17 p.m.11 views

CVE-2026-54533

vantage6 is an open-source infrastructure for privacy preserving analysis. Prior to version 5.0.0, malicious algorithms can potentially access other algorithms input and output files. Version 5.0.0 fixes the issue. As a workaround, verify and restrict the algorithm containers that are allowed to...

6.9CVSS0.00285EPSS
Exploits0References4
NVD
NVD
added 2026/06/17 11:17 p.m.12 views

CVE-2026-48759

TypeBot is a chatbot builder tool. Versions 3.15.2 and below have an Insecure Direct Object Reference vulnerability through cross-workspace Theme Template modification and deletion. The handleSaveThemeTemplate and handleDeleteThemeTemplate handlers validate that the authenticated user is a...

7.1CVSS0.00202EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 11:17 p.m.10 views

CVE-2026-45617

LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, the built-in striphtml filter uses a regex containing four flawed lazy-quantified alternatives, leading to ReDoS via quadratic backtracking. When the input contains many script...

7.5CVSS0.00385EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 11:17 p.m.11 views

CVE-2026-50201

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Management.Endpoint prior to version 4.2.0 and Steeltoe.Management.EndpointCore prior to version 3.4.0, all Steeltoe actuator endpoints default to...

6.5CVSS0.00231EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 11:17 p.m.12 views

CVE-2026-50267

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Configuration.Abstractions 4.0.0 through 4.1.0, when MySQL or PostgreSQL service bindings from VCAPSERVICES include TLS client credentials, the Connectors libra...

4.7CVSS0.00065EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 11:17 p.m.14 views

CVE-2026-50202

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Security.Authentication.CloudFoundryBase prior to version 3.4.0, Steeltoe.Security.Authentication.JwtBearer prior to version 4.2.0, and...

5.9CVSS0.0029EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 11:17 p.m.13 views

CVE-2026-50268

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Configuration.Encryption 4.0.0 through 4.1.0, configuring encrypt:rsa:algorithm=OAEP does not enable OAEP encryption. Due to an incorrect BouncyCastle...

1.9CVSS0.00046EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 11:17 p.m.10 views

CVE-2026-53676

ThingsBoard contains a prototype pollution vulnerability which may lead to arbitrary code execution within a sandboxed context by a user who can log in to the affected product with the tenant administrator privilege TENANTADMIN...

8.6CVSS0.00603EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 11:17 p.m.9 views

CVE-2026-12566

The dockerpull module uses the realm parameter from a Docker registry's WWW-Authenticate response header as the authentication endpoint without validation. An attacker in a man-in-the-middle position between bbot and a Docker registry could modify this header to redirect the authentication reques...

3.1CVSS0.00167EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 11:17 p.m.11 views

CVE-2026-12567

The githubworkflows module constructs local directory paths from user-controlled repository names without validating for symlinks. A local attacker sharing the scan directory can plant a symlink at the predictable output path, causing workflow data to be written to an attacker-chosen location...

2.2CVSS0.00091EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 11:17 p.m.9 views

CVE-2026-12568

The postmandownload module uses the workspace name field from the Postman API to construct the local directory path without sanitization. If a malicious workspace has a name containing path traversal characters, pathlib resolves the path outside the intended output directory, allowing an attacker...

6.5CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 11:17 p.m.8 views

CVE-2026-44645

LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, the renderLimit option can be fully bypassed by a % for % or % tablerow % tag whose body is empty. The renderLimit option is documented in docs/source/tutorials/dos.md as the...

6.5CVSS0.00317EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 11:17 p.m.8 views

CVE-2026-44646

LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, Context.spawn creates a child Context for the % render % tag but does not propagate the parent context's resolved ownPropertyOnly value, resulting in a silent bypass. The new...

5.3CVSS0.00271EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 11:17 p.m.10 views

CVE-2026-45357

LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, the date filter's strftime implementation parses width specifiers like %9999999d and forwards the captured width unchecked into pad/padStart, leading to memory and render limit...

7.5CVSS0.00385EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 11:17 p.m.11 views

CVE-2026-44644

LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. Versions 10.25.7 and below are vulnerable to XSS through a flaw in the striphtml filter logic. The striphtml filter is intended to remove HTML tags from a string before rendering, and is widely used as an XS...

6.1CVSS0.00203EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 11:17 p.m.10 views

CVE-2026-12565

The unarchive internal module's archive extraction commands perform no code-level validation on extracted file paths, relying entirely on the behavior of external tools e.g. GNU tar which varies by platform. While CVE-2025-10284 addressed git-specific RCE vectors, the underlying archive extractio...

5.3CVSS0.00208EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 11:17 p.m.9 views

CVE-2024-24769

vantage6 is an open-source infrastructure for privacy preserving analysis. Prior to version 5.0.0, users can reset their MFA token via API routes that send them an email. Currently the number of emails that is sent is not limited. This gives attackers the option to flood someones mailbox with a l...

2.1CVSS0.00278EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 11:17 p.m.9 views

CVE-2024-27928

vantage6 is an open-source infrastructure for privacy preserving analysis. Prior to version 5.0.0, if an attacker hacks into a vantage6 user's email account, they can 1 reset the password via email and then 2 reset the 2FA token via email. This way they reduce 2FA to 1FA email access. Note that...

5.9CVSS0.00278EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 10:16 p.m.12 views

CVE-2026-8050

In SignalRGB versions prior to 1.3.7.0, seven of the thirteen IOCTL handlers dereference the SystemBuffer pointer without first verifying that it is non-NULL. Sending an IOCTL with an empty input buffer causes a NULL pointer dereference, resulting in a kernel crash...

7.5CVSS0.00278EPSS
Exploits0References1
Total number of security vulnerabilities363781