Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.1.35.1.
Stored XSS in Specto CM, a call center management platform by Echo Call Center Services Trade and Industry Inc., allows authenticated low-privileged users to inject persistent malicious scripts that execute in other users' browsers. The changed scope (S:C) in the CVSS vector indicates the injected payload can affect sessions or contexts beyond the attacker's own, elevating the practical impact for multi-user environments. No active exploitation is confirmed (not in CISA KEV), and the EPSS score of 0.02% (7th percentile) indicates very low exploitation probability at time of analysis.
Cross-Site Request Forgery (CSRF) in Five Star Restaurant Reservations WordPress plugin versions ≤2.7.8 enables unauthenticated attackers to perform unauthorized administrative actions through social engineering. With CVSS 8.8 (High), the vulnerability requires no privileges and low attack complexity, though user interaction is necessary. EPSS probability is minimal (0.02%, 6th percentile), indicating low observed exploitation likelihood despite the high CVSS score. No confirmed active exploitation (not in CISA KEV) or public exploit code identified at time of analysis.
Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link simple-keyword-to-link allows Cross Site Request Forgery.This issue affects Simple Keyword to Link: from n/a through <= 1.5.
Cross-Site Request Forgery in WordPress plugin My Auctions Allegro (versions ≤3.6.33) allows unauthenticated remote attackers to perform unauthorized actions on behalf of authenticated users through social engineering. CVSS 8.8 severity stems from potential high confidentiality, integrity, and availability impact if victims are tricked into clicking malicious links while authenticated. EPSS score of 0.02% (6th percentile) indicates very low probability of exploitation in the wild. No active exploitation confirmed (not in CISA KEV), and no public exploit identified at time of analysis, suggesting this remains a theoretical high-severity issue requiring user interaction.
Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Twitch Player: from n/a through <= 2.1.3.
Missing Authorization vulnerability in Bit Apps Bit Assist bit-assist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bit Assist: from n/a through <= 1.5.11.
Broken access control in Trustindex Widgets for Social Photo Feed (WordPress plugin) through version 1.8 allows authenticated attackers with low privileges to bypass authorization controls and execute high-impact actions. The vulnerability has low attack complexity (CVSS:3.1 AV:N/AC:L/PR:L) enabling compromise of confidentiality, integrity, and availability. EPSS score of 0.06% (18th percentile) indicates relatively low observed exploitation probability, and no public exploit or CISA KEV listing exists at time of analysis, suggesting this remains a patch-priority issue rather than an active threat.
Broken access control in Cooked WordPress plugin versions ≤1.11.3 allows authenticated attackers with low-level privileges to bypass authorization checks and gain unauthorized access to high-privilege functions. The vulnerability stems from missing authorization validation (CWE-862), enabling privilege escalation and unauthorized data manipulation. With CVSS 8.8 and EPSS probability of 0.06% (18th percentile), real-world exploitation risk is moderate; no public exploit identified at time of analysis.
Missing Authorization vulnerability in Funnelforms Funnelforms Free funnelforms-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Funnelforms Free: from n/a through <= 3.8.
Authorization bypass in Wappointment WordPress plugin versions ≤2.7.6 enables low-privileged authenticated attackers to perform unauthorized actions with high impact to confidentiality, integrity, and availability. The vulnerability stems from missing authorization checks (CWE-862), allowing authenticated users to access or modify data beyond their intended permission level. EPSS score of 0.06% (18th percentile) indicates low observed exploitation probability, and no confirmed active exploitation (CISA KEV) or public exploit code is identified at time of analysis.
Missing Authorization vulnerability in Spider Themes BBP Core bbp-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BBP Core: from n/a through <= 1.4.1.
Broken access control in SALESmanago WordPress plugin allows authenticated attackers with low-level privileges to bypass authorization checks and gain unauthorized access to high-privilege functions. Affects versions up to 3.9.0. The vulnerability enables complete compromise of confidentiality, integrity, and availability within the plugin's scope. EPSS score of 0.06% (18th percentile) suggests low observed exploitation probability, and no public exploit identified at time of analysis.
Missing Authorization vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through <= 4.9.5.
Missing Authorization vulnerability in icc0rz H5P h5p allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects H5P: from n/a through <= 1.16.1.
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPXPO PostX ultimate-post allows Retrieve Embedded Sensitive Data.This issue affects PostX: from n/a through <= 5.0.3.
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Retrieve Embedded Sensitive Data.This issue affects Premium Addons for Elementor: from n/a through <= 4.11.53.
Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brave: from n/a through <= 0.8.3.
Broken access control in Opinion Stage Poll, Survey & Quiz Maker Plugin for WordPress versions through 19.12.0 allows authenticated attackers with low-level privileges to bypass authorization checks and access or modify high-sensitivity data. The vulnerability (CWE-862: Missing Authorization) enables privilege escalation through improperly configured access control mechanisms. EPSS probability is low at 0.04% (13th percentile), and no public exploit identified at time of analysis, though authentication bypass tags indicate established attack patterns exist for this vulnerability class.
Broken access control in WP Telegram Widget and Join Link plugin versions up to 2.2.12 allows authenticated users with low privileges to bypass authorization checks and access high-sensitivity configuration or data. The vulnerability enables unauthorized read and write operations (CVSS C:H/I:H) without requiring user interaction. EPSS score of 0.04% suggests low observed exploitation probability, and no public exploit code or active exploitation (CISA KEV) has been identified at time of analysis.
Missing Authorization vulnerability in FolioVision FV Simpler SEO fv-all-in-one-seo-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FV Simpler SEO: from n/a through <= 1.9.6.
Missing Authorization vulnerability in Addonify Addonify addonify-quick-view allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify: from n/a through <= 2.0.4.
Missing authorization in Claspo WordPress plugin through version 1.0.7 allows unauthenticated remote attackers to modify data via incorrectly configured access controls. With CVSS 7.5 (High integrity impact) but only 0.04% EPSS probability, this represents elevated exposure in vulnerable installations despite low observed exploitation likelihood. No public exploit identified at time of analysis, though the authentication bypass tag indicates potential for unauthorized actions without credentials.
Insertion of Sensitive Information Into Sent Data vulnerability in Essekia Tablesome tablesome allows Retrieve Embedded Sensitive Data.This issue affects Tablesome: from n/a through <= 1.1.35.1.
Server-Side Request Forgery in WordPress Link Library plugin versions up to 7.8.7 allows unauthenticated remote attackers to make arbitrary HTTP requests from the server, potentially accessing internal resources, cloud metadata endpoints, or conducting reconnaissance of internal network infrastructure. CVSS score of 9.1 indicates high severity, though EPSS of 0.04% (14th percentile) suggests limited observed exploitation attempts. No active exploitation confirmed (not in CISA KEV) and no public exploit identified at time of analysis.
Server-Side Request Forgery (SSRF) vulnerability in bdthemes Prime Slider - Addons For Elementor bdthemes-prime-slider-lite allows Server Side Request Forgery.This issue affects Prime Slider - Addons For Elementor: from n/a through <= 4.0.10.
Missing Authorization vulnerability in Liton Arefin WP Adminify adminify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Adminify: from n/a through <= 4.0.6.1.
Missing Authorization vulnerability in Virusdie Virusdie virusdie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Virusdie: from n/a through <= 1.1.6.
Missing Authorization vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through <= 4.9.5.
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Virusdie Virusdie virusdie allows Retrieve Embedded Sensitive Data.This issue affects Virusdie: from n/a through <= 1.1.6.
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in 10up Eight Day Week Print Workflow eight-day-week-print-workflow allows Retrieve Embedded Sensitive Data.This issue affects Eight Day Week Print Workflow: from n/a through <= 1.2.5.
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.5.7.1.
Access control bypass in TS Poll WordPress plugin (versions ≤2.5.5) allows low-privileged authenticated users to escalate privileges and gain unauthorized read/write access to poll data. Attackers with basic subscriber accounts can exploit misconfigured authorization checks to access or modify content beyond their intended permission level. EPSS exploitation probability is low (0.04%, 13th percentile), with no public exploit identified at time of analysis, suggesting limited immediate risk despite the 8.1 CVSS score.
Missing Authorization vulnerability in Bob Watu Quiz watu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watu Quiz: from n/a through <= 3.4.5.
Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spiffy Calendar: from n/a through <= 5.0.7.
Missing Authorization vulnerability in bnayawpguy Resoto resoto allows Exploiting Incorrectly Configured Access Control Security Levels.0.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Constantin Boiangiu Vimeotheque codeflavors-vimeo-video-post-lite allows Cross Site Request Forgery.This issue affects Vimeotheque: from n/a through <= 2.3.5.2.
Cross-Site Request Forgery (CSRF) vulnerability in Tikweb Management Fast User Switching fast-user-switching allows Cross Site Request Forgery.This issue affects Fast User Switching: from n/a through <= 1.4.10.
Cross-Site Request Forgery (CSRF) vulnerability in pluginsware Advanced Classifieds & Directory Pro advanced-classifieds-and-directory-pro allows Cross Site Request Forgery.This issue affects Advanced Classifieds & Directory Pro: from n/a through <= 3.2.9.
Cross-Site Request Forgery (CSRF) vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Cross Site Request Forgery.This issue affects WP Email Capture: from n/a through <= 3.12.5.
Cross-Site Request Forgery (CSRF) vulnerability in tmtraderunner Trade Runner traderunner allows Cross Site Request Forgery.This issue affects Trade Runner: from n/a through <= 3.14.
Missing Authorization vulnerability in Ben Balter WP Document Revisions wp-document-revisions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Document Revisions: from n/a through <= 3.7.2.
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation for lmac type Upon physical link change, firmware reports to the kernel about the change along with. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Return error for inconsistent extended attributes ntfs_read_ea is called when we want to read extended attributes. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: arm64: mm: fix VA-range sanity check Both create_mapping_noalloc() and update_mapping_prot() sanity-check their 'virt' parameter,. No vendor patch available.
Linux kernel iomap subsystem fails to allocate the s_dio_done_wq workqueue for asynchronous read operations, causing read error completions deferred by commit 222f2c7c6d14 to lack proper execution context and potentially leading to information disclosure or system instability. The vulnerability affects Linux kernel versions where the read error completion deferral was implemented without corresponding workqueue allocation for async reads. With an EPSS score of 0.01% and no evidence of active exploitation, this is a low-probability but correctness-critical issue affecting async I/O error handling on affected kernel versions.
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog->stats access when update_effective_progs fails Syzkaller triggers an invalid memory access issue following fault injection in update_effective_progs. The issue can be described as follows: __cgroup_bpf_detach update_effective_progs compute_effective_progs bpf_prog_array_alloc <-- fault inject purge_effective_progs /* change to dummy_bpf_prog */ array->items[index] = &dummy_bpf_prog.prog ---softirq start--- __do_softirq ... __cgroup_bpf_run_filter_skb __bpf_prog_run_save_cb bpf_prog_run stats = this_cpu_ptr(prog->stats) /* invalid memory access */ flags = u64_stats_update_begin_irqsave(&stats->syncp) ---softirq end--- static_branch_dec(&cgroup_bpf_enabled_key[atype]) The reason is that fault injection caused update_effective_progs to fail and then changed the original prog into dummy_bpf_prog.prog in purge_effective_progs. Then a softirq came, and accessing the members of dummy_bpf_prog.prog in the softirq triggers invalid mem access. To fix it, skip updating stats when stats is NULL.
Linux kernel Landlock security module fails to properly enforce access controls on disconnected directories (files or directories visible through bind mounts but inaccessible from the mount point after rename/move operations), potentially widening access rights and causing inconsistent access results when sandboxed tasks interact with such paths. The vulnerability affects the Landlock mandatory access control framework's ability to prevent privilege escalation through filesystem operations on out-of-scope paths, requiring the sandboxed task to already possess write access to the bind mount source and read access to the mount point to trigger the issue.
In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id Use check_add_overflow() to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetric_key_id structure and return ERR_PTR(-EOVERFLOW) accordingly. This prevents a possible buffer overflow when copying data from potentially malicious X.509 certificate fields that can be arbitrarily large, such as ASN.1 INTEGER serial numbers, issuer names, etc.
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device was removed, leading to use-after-free and other resource access issues. This race condition occurs because the abort handler may schedule a LUN reset concurrently with device removal via sdev_destroy(), leading to use-after-free and improper access to freed resources. - Check in the device reset handler if the device is still present in the controller's SCSI device list before running; if not, the reset is skipped. - Cancel any pending TMF work that has not started in sdev_destroy(). - Ensure device freeing in sdev_destroy() is done while holding the LUN reset mutex to avoid races with ongoing resets.