368678 matches found
CVE-2026-13459
JetFormBuilder for WordPress (Dynamic Blocks Form Builder) is affected up to version 3.6.3 due to an authorization bypass in the get_from_db generator. Unauthenticated attackers can retrieve distinct values stored in wp_postmeta (including Woocommerce PII like _billing_email, _billing_phone, and ...
CVE-2026-9834
The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin (WordPress) is vulnerable to OS Command Injection in all versions up to 7.11 via the wp_db_exclude_table parameter. The root cause is direct concatenation of user-supplied $_POST['wp_db_exclude_table'] values into ...
CVE-2026-9188
CVE-2026-9188 affects the WordPress plugin “Wappointment” (Appointment Bookings for Zoom GoogleMeet and more) up to version 2.7.6. The vulnerability is an Insecure Direct Object Reference via the appointmentkey/edit_key parameter, where the authorization token consumed by tryCancel() is a predict...
CVE-2026-12657
The CVE-2026-12657 entry concerns the WordPress LatePoint Calendar Booking Plugin (versions up to and including 5.6.2). The vulnerability is an Insecure Direct Object Reference exposed via user-controlled keys in two publicly accessible parameters: params[booking][service_id] in steps__load_step ...
CVE-2026-14336
The connected documents confirm CVE-2026-14336 affects PIA’s OIDC issuer allowlist for Jenkins tokens. The issue is a faulty host-bounded URL validation: issuer.startswith(' https://ci.eclipse.org ') is used in is_issuer_known (pia/models.py:139) instead of properly validating the issuer as a hos...
CVE-2026-9563
Eclipse Parsson JSON parser did not enforce a default maximum on parsed characters before 1.1.8, allowing DoS from attacker-controlled JSON via very large documents. The fixed version, Parsson 1.1.8, adds a configurable limit with a default of 15 million parser-consumed characters. Affected: Ecli...
CVE-2026-8147
CVE-2026-8147 – MLflow trace API authorization bypass : In MLflow versions prior to 3.14.0 running with authentication enabled, the trace API endpoints lack proper authorization validators because the _before_request handler does not register validators for trace endpoints. This allows any authen...
CVE-2026-12118
IBM webMethods Integration Server is affected by CVE-2026-12118 due to deserialization of untrusted data via the WmServiceMock package. Affected on‑prem versions include 10.15 and 10.11. The bulletin states there is no patch; the recommended remediation is to remove the WmServiceMock package from...
CVE-2026-33592
The CVE-2026-33592 issue affects open62541 (versions 1.4.0–1.4.16, 1.5.0–1.5.4, and master). An unauthenticated remote attacker can exhaust server memory via the FindServers Discovery Service because the FindServersRequest serverUris field is not validated for length/array size. An adversary can ...
CVE-2026-11781
The CVE-2026-11781 entry affects the Adminify WordPress plugin prior to version 4.2.10. The vulnerability arises because the plugin does not perform per-user read-capability checks on results returned by an administration search feature. As a result, users with a low-privilege role (Contributor) ...
CVE-2026-11965
The CVE-2026-11965 entry affects the WordPress plugin User Registration & Membership prior to version 5.2.0. The underlying issue is that the plugin does not enforce payment completion before activating a paid membership subscription, enabling unauthenticated users (after self-registering via the...
CVE-2026-10077
The affected product is the YOOtheme WordPress theme (prior to 5.0.35). The issue arises in the bundled front-end framework that can treat certain HTML attributes, allowed by wp_kses_post(), as markup, enabling Stored XSS when a user with the Author role views a post. The root cause is improper h...
CVE-2026-11578
The CVE concerns the Fluent Forms WordPress plugin prior to 6.2.5, where deletion of form submission entries is not properly restricted to forms a restricted Manager is authorized to manage. This misconfiguration allows a Manager limited to specific forms to permanently delete submission entries ...
CVE-2026-13704
Summary: CVE-2026-13704 affects the GiveWP – Donation Plugin and Fundraising Platform for WordPress. The vulnerability is a Stored Cross‑Site Scripting issue exploitable via the parameter sequoia[introduction][image] and exists in all versions up to and including 4.16.1 due to insufficient input ...
CVE-2026-5348
The CVE concerns the WordPress plugin Academy LMS (WordPress LMS Plugin for Complete eLearning Solution) up to version 3.8.1. The root cause is the REST API endpoint /topics being registered with a permission callback of __return_true, which permits unauthenticated access to course curriculum dat...
CVE-2026-10089
CVE-2026-10089 concerns the WordPress plugin Insert Pages (versions up to 3.11.4). It describes a Stored XSS where the meta field key (not the value) is interpolated into rendered HTML without escaping when rendering a page via the [insert page] shortcode. The underlying cause is insufficient esc...
CVE-2026-11592
The CVE-2026-11592 entry concerns the WordPress plugin Email Subscribers & Newsletters (formerly “Email Marketing, Post Notifications & Newsletter”). It describes an authorization bypass vulnerability affecting all versions up to and including 5.9.27. The root cause is that the plugin fails to ve...
CVE-2026-13357
The Houzez Property Feed WordPress plugin (up to version 2.5.46) is vulnerable to SQL Injection via the 'orderby' parameter. The issue stems from user-controlled $_GET['orderby'] and $_GET['order'] being filtered only with sanitize_text_field() and concatenated into the SQL format string before $...
CVE-2026-5821
The CVE-2026-5821 entry details a vulnerability in the WordPress Image Optimizer plugin (versions up to 1.7.4). The root cause is insufficient path validation in Image_Backup::remove(), where backup file paths stored in the image_optimizer_metadata post meta are used directly for deletion without...
CVE-2026-14249
The CVE refers to the WordPress plugin “Request a Quote” (versions up to and including 2.5.5). The vulnerability is a Code Injection via the emd_delete_file AJAX action. The handler derives a PHP function name from attacker-controlled $_POST['path'] and invokes it dynamically through a variable-f...