368929 matches found
CVE-2026-33592
The CVE-2026-33592 issue affects open62541 (versions 1.4.0–1.4.16, 1.5.0–1.5.4, and master). An unauthenticated remote attacker can exhaust server memory via the FindServers Discovery Service because the FindServersRequest serverUris field is not validated for length/array size. An adversary can ...
CVE-2026-11781
The CVE-2026-11781 entry affects the Adminify WordPress plugin prior to version 4.2.10. The vulnerability arises because the plugin does not perform per-user read-capability checks on results returned by an administration search feature. As a result, users with a low-privilege role (Contributor) ...
CVE-2026-11578
The CVE concerns the Fluent Forms WordPress plugin prior to 6.2.5, where deletion of form submission entries is not properly restricted to forms a restricted Manager is authorized to manage. This misconfiguration allows a Manager limited to specific forms to permanently delete submission entries ...
CVE-2026-11965
The CVE-2026-11965 entry affects the WordPress plugin User Registration & Membership prior to version 5.2.0. The underlying issue is that the plugin does not enforce payment completion before activating a paid membership subscription, enabling unauthenticated users (after self-registering via the...
CVE-2026-10077
The affected product is the YOOtheme WordPress theme (prior to 5.0.35). The issue arises in the bundled front-end framework that can treat certain HTML attributes, allowed by wp_kses_post(), as markup, enabling Stored XSS when a user with the Author role views a post. The root cause is improper h...
CVE-2026-13704
Summary: CVE-2026-13704 affects the GiveWP – Donation Plugin and Fundraising Platform for WordPress. The vulnerability is a Stored Cross‑Site Scripting issue exploitable via the parameter sequoia[introduction][image] and exists in all versions up to and including 4.16.1 due to insufficient input ...
CVE-2026-10089
CVE-2026-10089 concerns the WordPress plugin Insert Pages (versions up to 3.11.4). It describes a Stored XSS where the meta field key (not the value) is interpolated into rendered HTML without escaping when rendering a page via the [insert page] shortcode. The underlying cause is insufficient esc...
CVE-2026-5348
The CVE concerns the WordPress plugin Academy LMS (WordPress LMS Plugin for Complete eLearning Solution) up to version 3.8.1. The root cause is the REST API endpoint /topics being registered with a permission callback of __return_true, which permits unauthenticated access to course curriculum dat...
CVE-2026-11592
The CVE-2026-11592 entry concerns the WordPress plugin Email Subscribers & Newsletters (formerly “Email Marketing, Post Notifications & Newsletter”). It describes an authorization bypass vulnerability affecting all versions up to and including 5.9.27. The root cause is that the plugin fails to ve...
CVE-2026-13357
The Houzez Property Feed WordPress plugin (up to version 2.5.46) is vulnerable to SQL Injection via the 'orderby' parameter. The issue stems from user-controlled $_GET['orderby'] and $_GET['order'] being filtered only with sanitize_text_field() and concatenated into the SQL format string before $...
CVE-2026-5821
The CVE-2026-5821 entry details a vulnerability in the WordPress Image Optimizer plugin (versions up to 1.7.4). The root cause is insufficient path validation in Image_Backup::remove(), where backup file paths stored in the image_optimizer_metadata post meta are used directly for deletion without...
CVE-2026-14249
The CVE refers to the WordPress plugin “Request a Quote” (versions up to and including 2.5.5). The vulnerability is a Code Injection via the emd_delete_file AJAX action. The handler derives a PHP function name from attacker-controlled $_POST['path'] and invokes it dynamically through a variable-f...
CVE-2026-11600
The CVE-2026-11600 entry concerns Envo’s Templates & Widgets for Elementor and WooCommerce (WordPress). Affected: Tabs and Off Canvas widgets up to version 1.4.26. Root cause: the Tabs widget render() passes a user-controlled template/post ID to Elementor’s get_builder_content_for_display() witho...
CVE-2026-57278
GeoWebPlayer (Web Plugin/WS Player) vulnerable to a stack-based buffer overflow in the connectInfo handler, specifically in the ip field (conn_info.ip_or_host) with unbounded JSON input. TALOS confirms multiple CVEs in the same connectInfo codepath, including potential arbitrary code execution in...
CVE-2026-57277
CVE-2026-57277 affects GeoWebPlayer (Web Plugin/WS Player) GeoVision GeoWebPlayer Websocket Server connectInfo handler. The vulnerability is a stack-based buffer overflow in the key field (buffer key_blob[17]), caused by copying attacker-controlled JSON fields into fixed-size buffers without prop...
CVE-2026-57276
GeoWebPlayer’s Websocket Server connectInfo handler contains stack-based buffer overflow vulnerabilities in several fields (e.g., username/password/password_enc with key present; ip, key_blob) leading to potential arbitrary code execution. Affected product: GeoWebPlayer (GeoVision GV-VMS/GV-Cloud...
CVE-2026-57275
Geovision GeoWebPlayer Websocket Server connectInfo handler is vulnerable to stack-based buffer overflows in multiple fields when handling JSON input (username, password, username_enc, password_enc, key, ip). Affected product: GeoWebPlayer (GeoVision software family), with version context cited b...
CVE-2026-57274
GeoWebPlayer’s CVE-2026-57274 is a buffer overflow in the connectInfo password handling of the Websocket Server (no key present) affecting GeoWebPlayer 1.1.1.0. A crafted websocket message can overflow the 64-byte password buffer, potentially enabling arbitrary code execution. Vendor patch releas...
CVE-2026-57273
GeoWebPlayer Websocket Server connectInfo handler in GeoVision software contains multiple stack-based buffer overflows in user-supplied JSON fields. Specifically, overflows occur in: username and password when key is absent (64-byte buffers), and username_enc, password_enc, key_blob, ip fields wh...
CVE-2026-57272
GeoWebPlayer/Websocket Server in GeoVision software (GV-VMS, GV-Cloud, etc.) uses an index parameter that is not validated, allowing out-of-bounds reads when handling localhost commands. This is the stated root cause and leads to the reported vulnerability (CVE-2026-57272). Impact is noted as hig...