176990 matches found

Positive Technologies, added 2026/05/13 12:0 a.m., 10 views

PT-2026-40563

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 8.9.0. This is due to a missing ownership verification in the B2S Post Tools::deleteUserPublishPost and B2S Post Tools::deleteUserSchedPost...

CVSS 5.4, AI score 5.9, EPSS 0.0029, Exploits 0, References 14

Positive Technologies, added 2026/05/13 12:0 a.m., 7 views

PT-2026-40558

The Broadstreet plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.53.1 via the get sponsored meta AJAX action. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract data from password...

CVSS 5.3, AI score 5.8, EPSS 0.0027, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 7 views

PT-2026-40555

Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality...

CVSS 5.7, AI score 5.8, EPSS 0.00135, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 6 views

PT-2026-40562

The Cost of Goods: Product Cost & Profit Calculator for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'alg wc cog product cost' and 'alg wc cog product profit' shortcodes in all versions up to, and including, 4.1.0 due to insufficient input...

CVSS 6.4, AI score 6, EPSS 0.00193, Exploits 0, References 5

Positive Technologies, added 2026/05/13 12:0 a.m., 7 views

PT-2026-40556

Name of the Vulnerable Software and Affected Versions: Advantech IoT & SCADA (affected versions not specified)
Description: A SQL injection allows a remote authenticated attacker to execute arbitrary commands via a specific interface. This could enable the attacker to access, modify, or delete...

CVSS 7.2, AI score 6, EPSS 0.00375, Exploits 0, References 6

Positive Technologies, added 2026/05/13 12:0 a.m., 7 views

PT-2026-40560

The Broadstreet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.53.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions an...

CVSS 4.4, AI score 6, EPSS 0.0019, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 8 views

PT-2026-40569

Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...

CVSS 5.1, AI score 5.8, EPSS 0.00093, Exploits 0, References 1

Positive Technologies, added 2026/05/13 12:0 a.m., 8 views

PT-2026-40578

The Bytello Share Windows Edition installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL in the same directory when the affected installer is invoked, arbitrary code may be executed with the privileges of the user invoking the installer...

CVSS 8.4, AI score 7.3, EPSS 0.00123, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 4 views

PT-2026-40576

Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later allows an authenticated attacker with force push permissions on a secondary branch to bypass code review and forcefully submit code to restricted branches via a crafted submission matching the "topic" ta...

CVSS 6, AI score 5.9, EPSS 0.0022, Exploits 0, References 1

Positive Technologies, added 2026/05/13 12:0 a.m., 10 views

PT-2026-40577

Name of the Vulnerable Software and Affected Versions: GUARDIANWALL MailSuite (affected versions not specified); GUARDIANWALL Mail Security Cloud SaaS version (affected versions not specified)
Description: A stack-based buffer overflow allows a remote attacker to execute arbitrary code by sending a...

CVSS 9.8, AI score 7.9, EPSS 0.00472, Exploits 0, References 6

Positive Technologies, added 2026/05/13 12:0 a.m., 7 views

PT-2026-40571

Improper input validation in FacAtFunction in Galaxy Watch prior to SMR May-2026 Release 1 allows a local attacker to execute arbitrary code with system privilege...

CVSS 8.6, AI score 6.2, EPSS 0.00156, Exploits 0, References 1

Positive Technologies, added 2026/05/13 12:0 a.m., 8 views

PT-2026-40580

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.9.9. This is due to the get course id by function unconditionally trusting the user-supplied course GET parameter as the authoritative cour...

CVSS 5.3, AI score 5.7, EPSS 0.00304, Exploits 0, References 53

Positive Technologies, added 2026/05/13 12:0 a.m., 8 views

PT-2026-40566

Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Data Integration & Analytics (affected versions not specified)
Description: The software contains a JDBC driver for H2 databases that allows external script execution. This occurs when a data source administrator creates a...

CVSS 9.1, AI score 5.8, EPSS 0.00342, Exploits 0, References 4

Positive Technologies, added 2026/05/13 12:0 a.m., 6 views

PT-2026-40572

Improper export of Android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...

CVSS 5.1, AI score 5.8, EPSS 0.00094, Exploits 0, References 1

Positive Technologies, added 2026/05/13 12:0 a.m., 8 views

PT-2026-40574

Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...

CVSS 6.9, AI score 5.8, EPSS 0.00093, Exploits 0, References 1

Positive Technologies, added 2026/05/13 12:0 a.m., 10 views

PT-2026-40570

Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary code...

CVSS 6.8, AI score 6, EPSS 0.00119, Exploits 0, References 1

Positive Technologies, added 2026/05/13 12:0 a.m., 6 views

PT-2026-40568

Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows a local attacker to access a unique identifier...

CVSS 6.8, AI score 5.8, EPSS 0.00092, Exploits 0, References 1

Positive Technologies, added 2026/05/13 12:0 a.m., 6 views

PT-2026-40581

The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbm best seller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS 5.5, AI score 6, EPSS 0.00207, Exploits 0, References 4

Positive Technologies, added 2026/05/13 12:0 a.m., 10 views

PT-2026-40584

Name of the Vulnerable Software and Affected Versions: Avada Builder versions prior to 3.15.2
Description: The Avada Builder plugin for WordPress contains a time-based SQL Injection, a technique where an attacker sends queries that cause the database to pause for a specific duration to determine if...

CVSS 7.5, AI score 5.8, EPSS 0.00357, Exploits 0, References 12

Positive Technologies, added 2026/05/13 12:0 a.m., 5 views

PT-2026-40582

The Snow Monkey Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data-slick' attribute in all versions up to, and including, 24.1.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVSS 6.4, AI score 6, EPSS 0.00188, Exploits 0, References 4

Positive Technologies, added 2026/05/13 12:0 a.m., 10 views

PT-2026-40592

Impact: Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypted props p value as...

CVSS 6.3, AI score 5.8, EPSS 0.00144, Exploits 0, References 5

Positive Technologies, added 2026/05/13 12:0 a.m., 7 views

PT-2026-40587

Name of the Vulnerable Software and Affected Versions: malcontent version 0.14.0
Description: A D-Bus method RecordUsage in malcontent-timerd allows arbitrary system users to exhaust disk space in the /var/lib/malcontent-timerd directory.
Recommendations: At the moment, there is no information about...

CVSS 5.1, AI score 5.9, EPSS 0.0015, Exploits 0, References 5

Positive Technologies, added 2026/05/13 12:0 a.m., 8 views

PT-2026-40590

Name of the Vulnerable Software and Affected Versions: Klever-Go versions prior to 1.7.17
Description: A remote, unauthenticated denial-of-service issue exists in the Batch.Decompress function within data/batch/batch.go. This allows any peer participating in a topic served by MultiDataInterceptor t...

CVSS 8.6, AI score 5.8, EPSS 0.00278, Exploits 0, References 8

Positive Technologies, added 2026/05/13 12:0 a.m., 9 views

PT-2026-40589

Name of the Vulnerable Software and Affected Versions: Authlib versions prior to 1.6.12; Authlib versions prior to 1.7.1
Description: An unauthenticated open redirect exists in the authorization endpoint of the OpenIDImplicitGrant and OpenIDHybridGrant components. A remote attacker can cause the...

CVSS 6.1, AI score 5.8, EPSS 0.00181, Exploits 1, References 8

Positive Technologies, added 2026/05/13 12:0 a.m., 9 views

PT-2026-40591

Name of the Vulnerable Software and Affected Versions: OpenLearnX versions prior to 2.0.4
Description: An authentication issue in this open-source, decentralized learning and assessment platform could allow unauthorized access to user accounts under specific conditions.
Recommendations: Update to...

CVSS 6.9, AI score 5.8, EPSS 0.00207, Exploits 0, References 6

Positive Technologies, added 2026/05/13 12:0 a.m., 10 views

PT-2026-40586

The Hostinger Reach – AI-Powered Email Marketing for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handle ajax action' function in all versions up to, and including, 1.3.8. This makes it possible for authenticated...

CVSS 5.3, AI score 5.7, EPSS 0.00252, Exploits 0, References 4

Positive Technologies, added 2026/05/13 12:0 a.m., 8 views

PT-2026-40585

Privilege escalation in the mk mysql agent plugin on Windows in Checkmk 2.4.0p29, 2.3.0p47, and 2.2.0 EOL allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' or with write access to a binary referenced by such a service to execute arbitrary co...

CVSS 5.2, AI score 6.2, EPSS 0.00119, Exploits 0, References 1

Positive Technologies, added 2026/05/13 12:0 a.m., 6 views

PT-2026-40597

ELECOM wireless LAN access point devices do not require authentication to access some specific URLs. The affected product may be operated without authentication...

CVSS 9.8, AI score 7.3, EPSS 0.00491, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 6 views

PT-2026-40596

ELECOM wireless LAN access point devices contain an OS command injection vulnerability in the processing of the ping ip addr parameter. If a crafted request sent by a logged-in user is processed, an arbitrary OS command may be executed...

CVSS 8.6, AI score 7.2, EPSS 0.01308, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 6 views

PT-2026-40594

The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.2 via the 'path' parameter of the 'get content' AJAX action. This makes it possible for authenticated attackers, with Author-level access and above, to include and...

CVSS 8.8, AI score 6.4, EPSS 0.00439, Exploits 0, References 3

Positive Technologies, added 2026/05/13 12:0 a.m., 9 views

PT-2026-40595

The RTMKit Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the save widget and reset all widgets functions in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with...

CVSS 4.3, AI score 5.8, EPSS 0.00204, Exploits 0, References 6

Positive Technologies, added 2026/05/13 12:0 a.m., 11 views

PT-2026-40600

ELECOM wireless LAN access point devices do not check whether the language parameter has an appropriate value. If a user views a malicious page while logged in, the admin page in the user's web browser may become broken...

CVSS 5.1, AI score 5.8, EPSS 0.00207, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 8 views

PT-2026-40602

The Custom Twitter Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.5.4. This is due to insufficient output escaping in the CTF Display Elements::get post text function when rendering cached tweet text. The plugin's ctf get more posts AJAX...

CVSS 7.2, AI score 6, EPSS 0.00315, Exploits 0, References 10

Positive Technologies, added 2026/05/13 12:0 a.m., 4 views

PT-2026-40598

Name of the Vulnerable Software and Affected Versions: ELECOM wireless LAN access point devices (affected versions not specified)
Description: An OS command injection exists in the processing of the username parameter. This allows an unauthenticated attacker to execute arbitrary OS commands by sendin...

CVSS 9.8, AI score 7.5, EPSS 0.01633, Exploits 0, References 5

Positive Technologies, added 2026/05/13 12:0 a.m., 8 views

PT-2026-40601

ELECOM wireless LAN access point devices implement a CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked into performing unintended operations...

CVSS 5.1, AI score 5.8, EPSS 0.00186, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 7 views

PT-2026-40593

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper with the configuration file of the product, and a victim administrator may be tricked into using a crafted configuration file...

CVSS 6.9, AI score 6.6, EPSS 0.00124, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 6 views

PT-2026-40599

A stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators inputs malicious data, an arbitrary script may be executed in another administrative user's web browser...

CVSS 4.8, AI score 5.7, EPSS 0.00161, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 6 views

PT-2026-40606

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

AI score 6.2, EPSS 0.00284, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 7 views

PT-2026-40604

qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysDeptMapper.xml file. This vulnerability allows attackers to access sensitive database information, including users' Personally Identifiable Information (PII)...

AI score 5.8, EPSS 0.00209, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 5 views

PT-2026-40608

Name of the Vulnerable Software and Affected Versions: bandit versions 1.6.1 through 1.11.0
Description: An infinite loop in the do read chunked data!/5 function within lib/bandit/http1/socket.ex allows unauthenticated remote attackers to cause a denial of service via worker process exhaustion. The...

CVSS 8.7, AI score 5.8, EPSS 0.00637, Exploits 1, References 9

Positive Technologies, added 2026/05/13 12:0 a.m., 9 views

PT-2026-40611

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pm invite user function in all versions up to, and including, 5.9.8.4. This makes it possible for authenticated attackers, with Subscriber-lev...

CVSS 7.1, AI score 5.8, EPSS 0.00219, Exploits 0, References 4

Positive Technologies, added 2026/05/13 12:0 a.m., 6 views

PT-2026-40605

qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysUserMapper.xml file. This vulnerability allows attackers to access sensitive database information, including users' Personally Identifiable Information (PII), via a crafted SQL...

AI score 5.8, EPSS 0.00275, Exploits 0, References 2

Positive Technologies, added 2026/05/13 12:0 a.m., 7 views

PT-2026-40609

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.9.8.4. This is due to the plugin not properly verifying that a user is authorized to perform an action via the pm set group order, pm set grou...

CVSS 4.3, AI score 5.8, EPSS 0.00234, Exploits 0, References 6

Positive Technologies, added 2026/05/13 12:0 a.m., 10 views

PT-2026-40610

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to blind SQL Injection via the 'rid' parameter in all versions up to, and including, 5.9.8.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...

CVSS 6.5, AI score 5.9, EPSS 0.00269, Exploits 0, References 6

Positive Technologies, added 2026/05/13 12:0 a.m., 7 views

PT-2026-40612

Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets with options...

CVSS 6, AI score 5.8, EPSS 0.00162, Exploits 0, References 1

Positive Technologies, added 2026/05/13 12:0 a.m., 8 views

PT-2026-40603

Name of the Vulnerable Software and Affected Versions: Crypt::Argon2 versions 0.017 through 0.030
Description: A heap out-of-bounds read occurs in the argon2 verify function when processing empty encoded input. The auto-detect form of argon2 verify passes encoded len - 1 as the length argument to...

CVSS 5.3, AI score 5.4, EPSS 0.00327, Exploits 0, References 14

Positive Technologies, added 2026/05/13 12:0 a.m., 5 views

PT-2026-40684

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: An issue exists in the drm/i915/vrr component where writing to TRANS VRR VMAX or FLIPLINE before enabling TRANS DDI FUNC CTL can cause a system hang with a Machine Check Exception (MCE) on...

AI score 5.8, EPSS 0.00155, Exploits 0, References 12

Positive Technologies, added 2026/05/13 12:0 a.m., 5 views

PT-2026-40672

Name of the Vulnerable Software and Affected Versions: BIG-IP SSL Orchestrator (affected versions not specified)
Description: A directory traversal issue allows an authenticated attacker with high privileges to overwrite, delete, or corrupt arbitrary local files. Directory traversal is a flaw that...

CVSS 6.9, AI score 5.9, EPSS 0.00886, Exploits 0, References 3

Positive Technologies, added 2026/05/13 12:0 a.m., 4 views

PT-2026-40696

In the Linux kernel, the following vulnerability has been resolved: liveupdate: luo file: remember retrieve status. LUO keeps track of successful retrieve attempts on a LUO file. It does so to avoid multiple retrievals of the same file. Multiple retrievals cause problems because once the file is...

AI score 5.6, EPSS 0.00164, Exploits 0, References 4

Positive Technologies, added 2026/05/13 12:0 a.m., 8 views

PT-2026-40700

aria2c accepts a server certificate with incorrect Extended Key Usage (EKU). If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...

CVSS 4.8, AI score 5.8, EPSS 0.0011, Exploits 0, References 2

Total number of security vulnerabilities: 176990