Authorization bypass in Utarit Informatics SoliClub Android application versions 5.2.4 through 5.3.6 allows remote unauthenticated attackers to access or manipulate other users' data by tampering with user-controlled identifiers (IDOR). The flaw enables functionality misuse with high impact on confidentiality (CVSS 7.5), though no public exploit identified at time of analysis and EPSS exploitation probability is very low at 0.04%.
Hard-coded credentials in Utarit Information Services SoliClub Android app (versions 5.2.4 through 5.3.7) allow remote unauthenticated attackers to read sensitive constants embedded within the executable. The flaw was reported by Turkey's national CERT (USOM) and carries a CVSS 7.5 with high confidentiality impact but no integrity or availability effect; no public exploit identified at time of analysis and EPSS is very low at 0.04%.
Information disclosure in Utarit Informatics SoliClub Android app versions 5.2.4 through 5.3.6 allows remote unauthenticated attackers to query the system and retrieve private personal information belonging to other users. The flaw stems from inadequate access controls on a query interface, and while CVSS rates it 7.5 (High), the EPSS probability of exploitation is very low (0.04%, 13th percentile) and no public exploit identified at time of analysis.
Path traversal in Nozomi Networks CMC and Guardian allows authenticated users with limited privileges to write arbitrary files to any system location by uploading a malicious Arc data archive. This enables device configuration tampering and denial-of-service attacks. Attack requires low-privilege authentication but has high integrity and availability impact (CVSS 7.2). No public exploit identified at time of analysis, though the attack vector is straightforward for authenticated insiders or compromised accounts.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shinetheme Traveler traveler allows Reflected XSS.This issue affects Traveler: from n/a through < 3.2.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core et-core-plugin allows Reflected XSS.This issue affects XStore Core: from n/a through < 5.6.
Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through < 2.9.10.
Missing Authorization vulnerability in bPlugins Parallax Section block parallax-section allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Parallax Section block: from n/a through <= 1.0.9.
Stored cross-site scripting in Nozomi Networks CMC and Guardian allows authenticated users with report privileges to inject malicious JavaScript payloads into report definitions. When victims view or import these weaponized reports, the XSS executes in their browser context, enabling attackers to modify application data, disrupt availability, and access sensitive information. The vulnerability requires low-privilege authentication and user interaction (CVSS:4.0 score 7.1, PR:L/UI:P), with high integrity and availability impacts but limited confidentiality exposure. No public exploit identified at time of analysis, though the attack technique is well-understood and straightforward given the stored XSS nature.
Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack and potentially arbitrary code execution under the context of the ‘root’ user.This issue affects WR940N and WR941ND: ≤ WR940N v5 3.20.1 Build 200316, ≤ WR941ND v6 3.16.9 Build 151203.
Missing Authorization vulnerability in Tyler Moore Super Blank super-blank allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Blank: from n/a through <= 1.2.0.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AmentoTech Tuturn tuturn allows Path Traversal.This issue affects Tuturn: from n/a through < 3.6.
Improper Control of Generation of Code ('Code Injection') vulnerability in The4 Molla molla allows Code Injection.This issue affects Molla: from n/a through <= 1.5.13.
Improper Control of Generation of Code ('Code Injection') vulnerability in javothemes Javo Core javo-core allows Code Injection.This issue affects Javo Core: from n/a through <= 3.0.0.266.
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in colabrio Stockie Extra stockie-extra allows Code Injection.This issue affects Stockie Extra: from n/a through <= 1.2.11.
Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through <= 0.1.1.9.
Missing Authorization vulnerability in GetResponse Email marketing for WordPress by GetResponse Official getresponse-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Email marketing for WordPress by GetResponse Official: from n/a through <= 1.5.3.
Missing Authorization vulnerability in A WP Life Login Page Customizer – Customizer Login Page, Admin Page, Custom Design customizer-login-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Page Customizer – Customizer Login Page, Admin Page, Custom Design: from n/a through <= 2.1.1.
Missing Authorization vulnerability in The African Boss Get Cash get-cash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Get Cash: from n/a through <= 3.2.3.
Missing Authorization vulnerability in Mahmudul Hasan Arif WP Social Ninja wp-social-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Social Ninja: from n/a through <= 3.20.1.
Authorization Bypass Through User-Controlled Key vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through <= 1.3.60.
Missing Authorization vulnerability in Anton Vanyukov Offload, AI & Optimize with Cloudflare Images cf-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Offload, AI & Optimize with Cloudflare Images: from n/a through <= 1.9.5.
Missing Authorization vulnerability in Magnigenie RestroPress restropress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RestroPress: from n/a through <= 3.2.3.5.
Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through <= 2.9.9.
DOM-based cross-site scripting (XSS) in Crocoblock JetElements For Elementor plugin versions up to 2.7.12 allows attackers to inject malicious scripts into web pages through improper input neutralization during page generation. The vulnerability affects WordPress sites using this Elementor page builder extension and can enable session hijacking, credential theft, or malware distribution against site visitors. EPSS exploitation probability is low at 0.04%, but the attack vector is likely network-based requiring no authentication.
Missing authorization in PickPlugins Post Grid and Gutenberg Blocks WordPress plugin (versions through 2.3.17) allows attackers to bypass access control restrictions and exploit incorrectly configured security levels, potentially enabling unauthorized access to protected content or administrative functions. The vulnerability stems from broken access control (CWE-862) with no public exploit code confirmed at time of analysis, though EPSS scoring of 0.04% suggests minimal real-world exploitation probability despite the authorization flaw.
Unicode right-to-left override (RTLO) characters in malicious websites can spoof filenames displayed in Firefox for iOS downloads UI, potentially tricking users into saving files with misleading extensions and types. Affects Firefox for iOS versions prior to 144.0; requires user interaction to download a file. The vulnerability has low real-world exploitation probability (EPSS 0.04%) despite the moderate CVSS score, as it relies on social engineering and user inattention rather than automatic code execution.
Code injection in RuoYi up to version 4.8.1 via the /monitor/cache/getnames endpoint allows authenticated remote attackers to inject arbitrary code through the fragment parameter with low impact to confidentiality, integrity, and availability. The vulnerability requires valid user authentication (PR:L per CVSS 4.0 vector) and has publicly available exploit code, though EPSS scoring at 0.08% percentile (22nd percentile) indicates low real-world exploitation probability despite public disclosure.
Unrestricted file upload in SourceCodester Client Database Management System 1.0 via the /user_leads.php endpoint in the Leads Generation Module allows authenticated remote attackers to upload arbitrary files. The vulnerability requires valid user credentials (PR:L in CVSS v4.0) but carries low confidentiality, integrity, and availability impact per the vector. Public exploit code exists, and EPSS score of 0.06% suggests minimal real-world exploitation despite public availability, likely due to the authenticated requirement limiting attack surface.
Improper authorization in Campcodes Advanced Voting Management System 1.0 allows authenticated remote attackers to manipulate the ID parameter in /admin/voters_edit.php, resulting in unauthorized modification of voter passwords. The vulnerability affects the Password Handler component and requires valid user credentials to exploit, limiting real-world risk despite public exploit availability. EPSS exploitation probability is low at 0.06 percentile, suggesting this flaw targets specific administrative scenarios rather than representing widespread attack potential.
Code injection in ZZCMS 2025 Backend Website Settings Module allows authenticated remote attackers to inject arbitrary code via the icp parameter in the stripfxg function (/admin/siteconfig.php), with limited confidentiality impact. Public exploit code is available, but exploitation requires high-privilege administrative access, significantly limiting practical attack surface despite network-accessible vector.
Insertion of Sensitive Information Into Sent Data vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Retrieve Embedded Sensitive Data.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through <= 1.8.2.
DigitalME eRoom eroom-zoom-meetings-webinar plugin through version 1.5.6 exposes sensitive data in sent communications due to improper data handling, allowing unauthenticated remote attackers with user interaction to retrieve embedded sensitive information across site boundaries. EPSS exploitation probability is low at 0.04%, but the vulnerability affects confidentiality, integrity, and availability through information disclosure mechanisms that may be chained with other flaws.
Missing Authorization vulnerability in mkscripts Download After Email download-after-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download After Email: from n/a through 2.1.5-2.1.6.
Missing authorization controls in Sparkle FSE WordPress theme versions 1.0.9 and earlier allow unauthenticated attackers to bypass access control restrictions and perform unauthorized actions through exploitable endpoint misconfigurations. This authentication bypass vulnerability, reported by Patchstack security researchers, affects all instances of the Sparkle FSE theme up to version 1.0.9 with low exploit probability (EPSS 0.05%) but represents a direct authorization failure (CWE-862) that could enable unauthorized data access or modification depending on endpoint exposure.
Missing authorization controls in sparklewpthemes Construction Light WordPress theme versions 1.6.7 and earlier allow unauthenticated attackers to bypass access restrictions and access resources that should be protected by role-based access control. The vulnerability stems from incorrectly configured access control security levels, potentially exposing sensitive functionality or data to unauthorized users.
Authorization bypass in PickPlugins Post Grid and Gutenberg Blocks WordPress plugin through version 2.3.23 allows attackers to exploit incorrectly configured access control via user-controlled keys, potentially enabling unauthorized access to post content or plugin functionality. The vulnerability is classified as CWE-639 (Authorization Through User-Controlled Key) and presents a low exploitation probability (EPSS 0.04%, 13th percentile) with no public exploit code or active exploitation confirmed at time of analysis.
Sermon Manager for WordPress plugin through version 2.30.0 allows unauthenticated attackers to exploit missing authorization checks to access or modify sermon data due to incorrectly configured access control security levels. The vulnerability stems from CWE-862 (Missing Authorization) and affects all installations running the vulnerable version range. With an EPSS score of 0.04% (13th percentile), real-world exploitation probability is minimal despite the permission-based nature of the flaw.
Stored HTML injection in Nozomi Networks CMC and Guardian Asset List functionality allows unauthenticated remote attackers to inject malicious HTML tags into asset attributes via crafted network packets, enabling phishing and open redirect attacks when victims view affected assets. CVSS 5.3 (medium severity) with user interaction required; exploitation is bounded by existing Content Security Policy and input validation that prevent full XSS and direct information disclosure.
WP AI CoPilot plugin for WordPress versions through 1.2.7 exposes sensitive information embedded within sent data, allowing attackers to retrieve confidential details without proper access controls. The vulnerability stems from inadequate handling of sensitive data in communications, classified as information disclosure with an EPSS score of 0.04% indicating low real-world exploitation probability. No public exploit code has been identified at time of analysis.
Biopython's Bio.Entrez module through version 1.86 is vulnerable to XML external entity (XXE) injection in doctype parsing, allowing authenticated remote attackers to read arbitrary files or cause denial of service. The vulnerability requires authenticated access and high attack complexity, resulting in a CVSS score of 4.9 with low confidentiality and availability impact across trust boundaries. Exploitation is not currently tracked in CISA KEV and has extremely low EPSS probability (0.07%, 20th percentile), indicating limited real-world risk despite the XXE vector.
Authorization bypass in RadiusTheme Radius Blocks WordPress plugin through version 2.2.1 allows attackers to exploit incorrectly configured access control security levels via user-controlled keys, enabling unauthorized access to restricted functionality. The vulnerability is classified as an insecure direct object reference (IDOR) issue affecting the plugin's access control implementation. While no CVSS score is available and EPSS indicates low exploitation probability (0.04%), the vulnerability demonstrates a fundamental authentication design flaw that could permit escalation of privileges within WordPress installations using this plugin.
Missing authorization controls in the SoliClub Android application (all versions before 5.3.7) allow authenticated low-privilege users to abuse their access and read data beyond their authorization level. The vulnerability, classified as CWE-862, exposes the application to privilege abuse where role or resource-level access checks are absent on one or more network-accessible functions. No public exploit code exists and EPSS stands at 0.03% (10th percentile), indicating no meaningful observed exploitation activity; this is not listed in CISA KEV.
Stored HTML injection in Nozomi Networks CMC and Guardian Time Machine Snapshot Diff feature allows unauthenticated attackers to inject HTML tags into asset attributes across snapshots via specially crafted network packets. When a victim uses the Snapshot Diff feature and performs specific GUI actions, the injected HTML renders in their browser, enabling phishing and open redirect attacks. Full XSS exploitation is mitigated by input validation and Content Security Policy. This vulnerability has not been confirmed as actively exploited, requires high attack complexity (multiple preconditions), and results in low integrity impact with limited scope.
Null pointer dereference in OFFIS DCMTK up to version 3.6.9 within the DcmQueryRetrieveIndexDatabaseHandle::startFindRequest and DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest functions in dcmqrscp causes denial of service. The vulnerability requires local access with low privilege level and results in availability impact through service crash. No public exploit code is confirmed, and EPSS exploitation probability is extremely low at 0.04%, indicating this is a low-priority reliability issue rather than an active security threat.