460 CVEs tracked today. 54 Critical, 222 High, 153 Medium, 2 Low.
-
CVE-2026-23760
CRITICAL
CVSS 9.8
SmarterTools SmarterMail prior to build 9511 contains a critical authentication bypass in the password reset API (CVE-2026-23760) that allows unauthenticated attackers to reset system administrator passwords without verification. With EPSS 65% and KEV listing, this trivially exploitable vulnerability enables complete email server takeover, compromising all hosted mailboxes and organizational communications.
Authentication Bypass
Smartermail
-
CVE-2026-24379
CRITICAL
CVSS 9.1
WP Job Portal has an authorization bypass through user-controlled keys allowing attackers to access other users' job applications and employer data.
WordPress
-
CVE-2026-24371
CRITICAL
CVSS 9.8
BA Book Everything WordPress plugin has a missing authorization vulnerability allowing unauthenticated users to access and modify booking data.
Authentication Bypass
-
CVE-2026-24307
CRITICAL
CVSS 9.3
M365 Copilot has an input validation vulnerability allowing unauthorized attackers to extract sensitive information through crafted prompts over the network.
Information Disclosure
365 Copilot
-
CVE-2026-24306
CRITICAL
CVSS 9.8
Azure Front Door has an improper access control vulnerability (CVSS 9.8) allowing unauthorized attackers to elevate privileges through the CDN and WAF infrastructure.
Azure
Azure Front Door
-
CVE-2026-24305
CRITICAL
CVSS 9.3
Azure Entra ID (formerly Azure AD) has an elevation of privilege vulnerability allowing attackers to escalate permissions within the identity platform.
Azure
Entra Id
-
CVE-2026-24124
CRITICAL
CVSS 9.8
Dragonfly P2P file distribution system versions 2.4.1-rc.0 and below have a missing authentication vulnerability allowing unauthenticated access to the management API.
Authentication Bypass
Dragonfly
Suse
-
CVE-2026-24058
CRITICAL
CVSS 9.8
Soft Serve self-hosted Git server versions 0.11.2 and below have a critical authentication bypass that allows unauthenticated access to private repositories.
Ssh
Authentication Bypass
Soft Serve
Suse
-
CVE-2026-24042
CRITICAL
CVSS 9.4
Appsmith platform version 1.94 and below has a missing authorization vulnerability that allows unauthenticated access to publicly deployed applications' internal APIs.
Information Disclosure
Appsmith
-
CVE-2026-24002
CRITICAL
CVSS 9.0
Grist spreadsheet software has an injection vulnerability in Python formula execution that allows authenticated users to escape the formula sandbox and execute arbitrary code.
Python
AI / ML
Grist Core
-
CVE-2026-23978
CRITICAL
CVSS 9.8
A WordPress plugin has a PHP Remote File Inclusion vulnerability (CWE-98) allowing unauthenticated attackers to include and execute arbitrary remote PHP files.
PHP
Lfi
-
CVE-2026-23975
CRITICAL
CVSS 9.8
A WordPress plugin has a PHP Remote File Inclusion vulnerability enabling unauthenticated remote code execution through crafted include paths.
PHP
Lfi
-
CVE-2026-23966
CRITICAL
CVSS 9.1
The sm-crypto JavaScript library has a private key recovery vulnerability in its SM2 implementation, allowing attackers to extract secret keys from signatures.
Authentication Bypass
Sm Crypto
-
CVE-2026-23958
CRITICAL
CVSS 9.8
DataEase data visualization tool prior to 2.10.19 uses MD5-hashed passwords without salting, allowing attackers to crack credentials and gain unauthorized access.
Authentication Bypass
Dataease
-
CVE-2026-23873
CRITICAL
CVSS 9.0
HUSTOJ online judge system has a CSV injection vulnerability in all versions that allows code execution through crafted submissions exported to spreadsheets.
Linux
PHP
MySQL
Hustoj
-
CVE-2026-22482
CRITICAL
CVSS 9.1
IMGspider WordPress plugin has a Server-Side Request Forgery vulnerability enabling attackers to make the server perform requests to internal network resources.
SSRF
-
CVE-2026-21264
CRITICAL
CVSS 9.3
Microsoft Account has a cross-site scripting vulnerability allowing unauthenticated attackers to execute scripts in the context of Microsoft Account pages.
Microsoft
XSS
Account
-
CVE-2026-20912
CRITICAL
CVSS 9.1
Gitea fails to validate repository ownership when linking attachments to releases, allowing users to attach files from one repository to releases in another.
Authentication Bypass
Gitea
Redhat
Suse
-
CVE-2026-20897
CRITICAL
CVSS 9.1
Gitea fails to validate repository ownership when deleting Git LFS locks, allowing users with write access to one repo to delete LFS locks in other repositories.
Authentication Bypass
Gitea
Redhat
Suse
-
CVE-2026-20750
CRITICAL
CVSS 9.1
Gitea does not properly validate project ownership in organization operations, allowing users with project write access to manipulate projects belonging to other organizations.
Authentication Bypass
Gitea
Redhat
Suse
-
CVE-2026-1331
CRITICAL
CVSS 9.8
HAMASTAR MeetingHub has an arbitrary file upload vulnerability allowing unauthenticated remote attackers to upload web shells and achieve full server compromise.
File Upload
RCE
Meetinghub Paperless Meetings
-
CVE-2026-0920
CRITICAL
CVSS 9.8
LA-Studio Element Kit for Elementor WordPress plugin allows unauthenticated admin user creation, enabling complete WordPress site takeover.
WordPress
-
CVE-2025-69828
CRITICAL
CVSS 10.0
TMS Management Console v6.3.7 has a CVSS 10.0 arbitrary file upload vulnerability allowing remote attackers to execute arbitrary code on the server without authentication.
Golang
-
CVE-2025-69764
CRITICAL
CVSS 9.8
Tenda AX3 firmware has another stack-based buffer overflow in formGetIptv through a different input path, enabling remote code execution.
RCE
Buffer Overflow
Stack Overflow
Memory Corruption
Ax3 Firmware
-
CVE-2025-69312
CRITICAL
CVSS 9.1
Xpro Elementor Addons WordPress plugin has an unrestricted file upload allowing attackers to upload dangerous file types through the Elementor builder integration.
File Upload
-
CVE-2025-69101
CRITICAL
CVSS 9.8
Workreap Core WordPress plugin has an authentication bypass allowing unauthenticated users to access protected functionality through an alternate authentication path.
Authentication Bypass
-
CVE-2025-69079
CRITICAL
CVSS 9.8
ThemeREX Sound/musicplace WordPress theme has an insecure deserialization vulnerability enabling PHP object injection and potential remote code execution.
Deserialization
-
CVE-2025-69052
CRITICAL
CVSS 9.8
FmeAddons Registration & Login with Mobile Phone Number for WooCommerce has a missing authorization vulnerability allowing unauthenticated access to protected functionality.
WordPress
PHP
-
CVE-2025-68986
CRITICAL
CVSS 9.9
Miion WordPress theme by zozothemes has an unrestricted file upload vulnerability allowing unauthenticated web shell deployment and server compromise.
WordPress
PHP
RCE
Remote Code Execution
-
CVE-2025-68910
CRITICAL
CVSS 9.9
Blogzee WordPress theme by blazethemes has an unrestricted file upload vulnerability — the fourth blazethemes product affected by the same shared vulnerable upload component.
WordPress
PHP
RCE
Remote Code Execution
-
CVE-2025-68909
CRITICAL
CVSS 9.9
Blogistic WordPress theme by blazethemes has an unrestricted file upload vulnerability enabling attackers to deploy web shells for persistent server access.
WordPress
PHP
RCE
Remote Code Execution
-
CVE-2025-68869
CRITICAL
CVSS 9.8
LazyTasks project management WordPress plugin has an incorrect privilege assignment vulnerability allowing low-privileged users to escalate to administrator, gaining full site control.
Privilege Escalation
-
CVE-2025-68857
CRITICAL
CVSS 9.3
Paid Downloads WordPress plugin has a SQL injection vulnerability enabling database compromise through the download management functionality.
SQLi
-
CVE-2025-68034
CRITICAL
CVSS 9.3
CleverReach WordPress plugin has a SQL injection vulnerability allowing attackers to extract email marketing data and WordPress credentials from the database.
SQLi
-
CVE-2025-68018
CRITICAL
CVSS 9.4
Order Listener for WooCommerce has a missing authorization vulnerability enabling unauthenticated access to order data and administrative functions.
WordPress
Authentication Bypass
-
CVE-2025-68015
CRITICAL
CVSS 9.0
Event Tickets with Ticket Scanner WordPress plugin has a code injection vulnerability allowing remote code execution through the event management system.
Code Injection
RCE
-
CVE-2025-68001
CRITICAL
CVSS 9.8
g-FFL Checkout WordPress plugin has an unrestricted file upload vulnerability allowing attackers to upload web shells for remote code execution.
File Upload
-
CVE-2025-67968
CRITICAL
CVSS 9.9
Real Homes CRM WordPress plugin has an unrestricted file upload allowing web shell deployment for persistent remote code execution.
WordPress
PHP
RCE
Remote Code Execution
-
CVE-2025-67945
CRITICAL
CVSS 9.3
MailerLite WordPress plugin has a SQL injection vulnerability enabling attackers to extract sensitive data from the WordPress database.
WordPress
SQLi
PHP
-
CVE-2025-67944
CRITICAL
CVSS 9.1
Nelio AB Testing WordPress plugin has a code injection vulnerability allowing attackers to execute arbitrary code through the A/B testing functionality.
Code Injection
-
CVE-2025-67617
CRITICAL
CVSS 9.8
Consult Aid WordPress theme has an insecure deserialization vulnerability allowing object injection that can lead to remote code execution.
Deserialization
-
CVE-2025-64097
CRITICAL
CVSS 9.8
NervesHub OTA firmware management has a weak random number generation vulnerability that allows attackers to predict firmware update tokens and push malicious updates.
Authentication Bypass
Nerveshub
-
CVE-2025-62754
CRITICAL
CVSS 9.1
Payment Gateway bKash for WooCommerce has a missing authorization vulnerability allowing attackers to exploit incorrect access controls for privilege escalation.
Authentication Bypass
-
CVE-2025-62741
CRITICAL
CVSS 9.1
Pool Services WordPress plugin has a Server-Side Request Forgery vulnerability allowing attackers to make the server perform arbitrary HTTP requests to internal and external targets.
SSRF
-
CVE-2025-62056
CRITICAL
CVSS 9.9
News Event WordPress theme by blazethemes has an unrestricted file upload allowing web shell deployment and remote code execution.
WordPress
PHP
RCE
Remote Code Execution
-
CVE-2025-62050
CRITICAL
CVSS 9.9
Blogmatic WordPress theme by blazethemes has an unrestricted file upload vulnerability allowing attackers to upload web shells for persistent server access.
WordPress
PHP
RCE
Remote Code Execution
-
CVE-2025-56590
CRITICAL
CVSS 9.8
Apryse HTML2PDF SDK through version 11.10 has a command injection vulnerability in the InsertFromURL function allowing remote code execution when converting HTML to PDF.
Command Injection
RCE
Html2pdf
-
CVE-2025-54816
CRITICAL
CVSS 9.4
A WebSocket endpoint lacks proper authentication, allowing unauthenticated users to connect and interact with real-time data streams and server-side functionality.
Privilege Escalation
Evmapa
-
CVE-2025-54003
CRITICAL
CVSS 9.8
A WordPress plugin has a PHP Remote File Inclusion vulnerability (CWE-98) that allows unauthenticated attackers to execute arbitrary remote PHP code on the server.
PHP
Lfi
-
CVE-2025-50003
CRITICAL
CVSS 9.8
A WordPress plugin has a PHP Remote File Inclusion vulnerability allowing attackers to include malicious remote PHP files for unauthenticated code execution.
PHP
Lfi
-
CVE-2025-50002
CRITICAL
CVSS 9.8
Farost Energia WordPress plugin allows unrestricted file upload enabling attackers to upload web shells and achieve remote code execution on the WordPress server.
File Upload
-
CVE-2025-49994
CRITICAL
CVSS 9.8
A WordPress plugin has a PHP Remote File Inclusion vulnerability (CWE-98) enabling unauthenticated remote code execution through crafted include paths.
PHP
Lfi
-
CVE-2025-49055
CRITICAL
CVSS 9.8
The WP Learn WordPress plugin has a SQL injection vulnerability allowing unauthenticated attackers to execute arbitrary SQL queries against the WordPress database, exposing all stored data.
WordPress
SQLi
PHP
-
CVE-2025-47474
CRITICAL
CVSS 9.8
A WordPress plugin has a PHP Remote File Inclusion vulnerability allowing unauthenticated attackers to include and execute arbitrary remote PHP files on the server.
PHP
Lfi
-
CVE-2026-24390
HIGH
CVSS 7.5
QantumThemes Kentha Elementor Widgets kentha-elementor is affected by PHP remote file inclusion (CVSS 7.5).
PHP
Lfi
-
CVE-2026-24380
HIGH
CVSS 8.8
Metagauss EventPrime eventprime-event-calendar-management is affected by missing authorization (CVSS 8.8).
Authentication Bypass
-
CVE-2026-24377
HIGH
CVSS 7.5
POSIMYTH Nexter Blocks the-plus-addons-for-block-editor contains a security vulnerability (CVSS 7.5).
Information Disclosure
-
CVE-2026-24368
HIGH
CVSS 8.8
Improper access control in Theme-one The Grid versions prior to 2.8.0 enables authenticated users to bypass authorization checks and gain unauthorized access to sensitive functionality. An attacker with valid credentials could exploit misconfigured security levels to read, modify, or delete data without proper permissions. No patch is currently available.
Authentication Bypass
-
CVE-2026-24367
HIGH
CVSS 8.8
Blind SQL injection in shinetheme Traveler versions before 3.2.8 enables authenticated attackers to extract sensitive database information through manipulated SQL queries. An attacker with valid credentials can exploit this vulnerability to read, modify, or delete arbitrary data with no user interaction required. No patch is currently available.
SQLi
-
CVE-2026-24358
HIGH
CVSS 8.8
ExpressTech Systems Quiz And Survey Master quiz-master-next is affected by missing authorization (CVSS 8.8).
Authentication Bypass
-
CVE-2026-24357
HIGH
CVSS 8.1
Inadequate access control in WP Recipe Maker versions 10.2.4 and earlier allows authenticated users to bypass authorization checks and perform unauthorized actions. An attacker with low-level WordPress credentials could exploit this vulnerability to gain elevated privileges and modify sensitive recipe data without proper permissions.
WordPress
-
CVE-2026-24356
HIGH
CVSS 8.8
Roxnor GetGenie versions up to 4.3.0 contain an authorization bypass vulnerability that allows authenticated users to exploit misconfigured access controls and gain unauthorized access to sensitive functionality. An attacker with low-level credentials can escalate privileges to perform confidential data theft, modify critical information, or disrupt service availability. No patch is currently available.
Authentication Bypass
-
CVE-2026-24353
HIGH
CVSS 8.1
Improper access control in wpeverest User Registration plugin through version 4.4.9 allows authenticated attackers to bypass authorization checks and gain unauthorized access to sensitive functionality. An attacker with low-privilege credentials can exploit misconfigured security levels to perform actions beyond their intended permissions, potentially exposing or modifying user registration data. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-24129
HIGH
CVSS 8.0
Runtipi versions 3.7.0 through 4.6.x suffer from arbitrary command execution when authenticated users upload backups with malicious filenames containing shell metacharacters, which the BackupManager fails to sanitize before executing restore operations. An attacker with valid credentials can craft a backup filename like $(id).tar.gz to achieve remote code execution on the host server with the privileges of the Runtipi process. Public exploit code exists for this vulnerability, and patches are available in version 4.7.0 and later.
Docker
Runtipi
-
CVE-2026-24049
HIGH
CVSS 7.1
Malicious wheel files can modify file permissions on critical system files during extraction in Python wheel versions 0.40.0-0.46.1, enabling attackers to alter SSH keys, configuration files, or executable scripts. This path traversal and permission manipulation flaw affects systems unpacking untrusted wheels and can lead to privilege escalation or arbitrary code execution. Public exploit code exists for this vulnerability, though a patch is available in version 0.46.2.
Python
Ssh
Privilege Escalation
Wheel
Redhat
-
CVE-2026-24038
HIGH
CVSS 8.1
Horilla HRMS versions prior to 1.5.0 allow authenticated attackers to bypass two-factor authentication due to improper OTP validation that treats missing OTP fields as valid when the OTP has expired. Public exploit code exists for this vulnerability, enabling attackers with user credentials to gain unauthorized access to accounts, particularly administrative accounts with access to sensitive HR data and employee records. An attacker exploiting this flaw could manipulate employee information and compromise system-wide operations.
Authentication Bypass
Horilla
-
CVE-2026-24010
HIGH
CVSS 8.0
Horilla versions up to 1.5.0 contain a vulnerability that allows attackers to deploy phishing attacks (CVSS 8.0).
File Upload
Horilla
-
CVE-2026-24009
HIGH
CVSS 8.1
Remote code execution in Docling Core versions 2.21.0 through 2.48.3 allows unauthenticated attackers to execute arbitrary code when applications deserialize untrusted YAML data using the `DoclingDocument.load_from_yaml()` method with vulnerable PyYAML versions. The vulnerability stems from unsafe deserialization practices (CWE-502) and affects document processing systems using affected library versions. No patch is currently available; mitigation requires upgrading to version 2.48.4 or ensuring PyYAML 5.4+ is installed.
RCE
Deserialization
-
CVE-2026-24006
HIGH
CVSS 7.5
Seroval versions 1.4.0 and below are vulnerable to denial of service attacks due to unbounded recursion when serializing deeply nested objects, allowing remote attackers to crash applications by exceeding the call stack limit. The vulnerability affects the deserialization library's handling of complex data structures without depth validation. Version 1.4.1 introduces a configurable depthLimit parameter to prevent exploitation of this resource exhaustion condition.
Deserialization
Denial Of Service
Redhat
Suse
-
CVE-2026-24001
HIGH
CVSS 7.5
Denial-of-service in jsdiff versions prior to 8.0.3, 5.2.2, 4.0.4, and 3.5.1 allows unauthenticated remote attackers to crash applications by providing maliciously crafted patches with line break characters in filename headers, triggering an infinite loop that exhausts system memory. Applications calling parsePatch with user-supplied input are vulnerable regardless of input size restrictions. A patch is available for all affected versions.
Denial Of Service
Jsdiff
Redhat
-
CVE-2026-23988
HIGH
CVSS 7.3
Arbitrary code execution with Administrator privileges in Rufus versions 4.11 and below due to a race condition in PowerShell script handling within the %TEMP% directory. A local attacker can replace the legitimate Fido script with malicious code between file creation and execution, since Rufus runs elevated but writes to a world-writable location without file locking. Public exploit code exists for this vulnerability, which is fixed in version 4.12_BETA.
Race Condition
Rufus
-
CVE-2026-23976
HIGH
CVSS 7.1
WP Chill Modula Image Gallery modula-best-grid-gallery is affected by cross-site scripting (XSS) (CVSS 7.1).
XSS
-
CVE-2026-23974
HIGH
CVSS 8.8
Uxper Golo versions prior to 1.7.5 contain an access control bypass that allows authenticated attackers to exploit improperly configured security levels to gain unauthorized access to sensitive functions and data. An attacker with valid credentials can leverage this missing authorization check to escalate privileges and perform administrative actions without proper permission validation. No patch is currently available for this high-severity vulnerability (CVSS 8.8).
Authentication Bypass
-
CVE-2026-23967
HIGH
CVSS 7.5
Sm-Crypto versions up to 0.3.14 are affected by improper verification of cryptographic signature (CVSS 7.5).
Information Disclosure
Sm Crypto
-
CVE-2026-23965
HIGH
CVSS 7.5
SM2 signature forgery in sm-crypto prior to version 0.4.0 allows unauthenticated attackers to create valid signatures for arbitrary public keys, potentially enabling message authentication bypass in applications using the library's default configuration. An attacker can also manipulate message prefixes to meet specific formatting constraints when sufficient redundancy exists in the message space. A patch is available in version 0.4.0 and later.
Information Disclosure
Sm Crypto
-
CVE-2026-23962
HIGH
CVSS 7.5
Mastodon is a free, open-source social network server based on ActivityPub. [CVSS 7.5 HIGH]
Denial Of Service
Mastodon
-
CVE-2026-23957
HIGH
CVSS 7.5
Seroval versions 1.4.0 and below are vulnerable to denial of service through malformed deserialization payloads that specify excessively large array lengths, causing the parsing process to consume excessive CPU resources and become unresponsive. An unauthenticated remote attacker can exploit this without user interaction by sending a crafted serialized object to any application using the vulnerable library. The vulnerability has been patched in version 1.4.1.
Deserialization
Denial Of Service
Redhat
Suse
-
CVE-2026-23956
HIGH
CVSS 7.5
Seroval versions 1.4.0 and below allow remote attackers to cause denial of service through maliciously crafted RegExp patterns during deserialization, either by exhausting memory with oversized patterns or triggering catastrophic backtracking (ReDoS). The vulnerability requires no authentication or user interaction and affects any application using the library to deserialize untrusted serialized data. A patch is available in version 1.4.1.
Denial Of Service
Deserialization
Seroval
Redhat
Suse
-
CVE-2026-23954
HIGH
CVSS 8.7
Incus is a system container and virtual machine manager. [CVSS 8.7 HIGH]
Path Traversal
Incus
Suse
-
CVE-2026-23953
HIGH
CVSS 8.7
Incus contains a vulnerability that allows attackers to add arbitrary lifecycle hooks, ultimately resulting in arbitrary command execution (CVSS 8.7).
Code Injection
Incus
Suse
-
CVE-2026-23699
HIGH
CVSS 7.2
Unauthenticated attackers can execute arbitrary OS commands on AP180 series devices running firmware versions before AP_RGOS 11.9(4)B1P8 through a command injection vulnerability. This allows complete system compromise including data theft, modification, and availability disruption. No patch is currently available.
Command Injection
-
CVE-2026-22481
HIGH
CVSS 8.8
Rasedul Haque Rumi BD Courier Order Ratio Checker bd-courier-order-ratio-checker is affected by missing authorization (CVSS 8.8).
Authentication Bypass
-
CVE-2026-22472
HIGH
CVSS 8.8
Missing authorization controls in Easy Form Builder versions 3.9.6 and earlier enable authenticated attackers to exploit improperly configured access restrictions and gain unauthorized capabilities. An attacker with valid credentials can bypass intended security boundaries to read, modify, or delete form data and configurations they should not have access to. No patch is currently available for this vulnerability affecting the Easy Form Builder plugin.
Authentication Bypass
-
CVE-2026-22470
HIGH
CVSS 7.6
FireStorm Plugins FireStorm Professional Real Estate fs-real-estate-plugin is affected by SQL injection (CVSS 7.6).
SQLi
-
CVE-2026-22464
HIGH
CVSS 7.5
wphocus My auctions allegro my-auctions-allegro-free-edition is affected by PHP remote file inclusion (CVSS 7.5).
PHP
Lfi
-
CVE-2026-22402
HIGH
CVSS 7.5
Pavothemes Triply versions 2.4.7 and earlier contain a local file inclusion vulnerability in PHP that allows authenticated attackers to read arbitrary files on the server. An attacker with valid credentials can manipulate filename parameters to bypass access controls and potentially execute code or expose sensitive data. No patch is currently available for this vulnerability.
PHP
Lfi
-
CVE-2026-22401
HIGH
CVSS 7.5
Pavothemes Freshio versions 2.4.2 and earlier contain a local file inclusion vulnerability in PHP that allows unauthenticated remote attackers to read sensitive files on affected systems. The vulnerability stems from improper validation of file paths in include/require statements, enabling disclosure of confidential information such as configuration files and source code. This vulnerability currently lacks a published patch and has a low exploitation prevalence rate.
PHP
Lfi
-
CVE-2026-22355
HIGH
CVSS 7.1
gregmolnar Simple XML Sitemap simple-xml-sitemap is affected by cross-site request forgery (CSRF) (CVSS 7.1).
CSRF
-
CVE-2026-22278
HIGH
CVSS 8.1
Powerscale Onefs versions up to 9.13.0.0 are affected by improper restriction of excessive authentication attempts (CVSS 8.1).
Authentication Bypass
Dell
Powerscale Onefs
-
CVE-2026-21524
HIGH
CVSS 7.4
Azure Data Explorer exposes sensitive information to unauthenticated remote attackers through a network-accessible vulnerability requiring only user interaction. An attacker can retrieve confidential data without authorization, potentially compromising customer information stored in affected Azure deployments. No patch is currently available for this high-severity vulnerability.
Azure
Azure Data Explorer
-
CVE-2026-21521
HIGH
CVSS 7.4
Information disclosure in Microsoft 365 Word Copilot enables unauthenticated attackers to extract sensitive data through improper handling of escape and control sequences in network communications. The vulnerability requires user interaction to trigger and affects the Copilot AI/ML service with a CVSS score of 7.4. No patch is currently available.
Information Disclosure
AI / ML
365 Word Copilot
-
CVE-2026-21520
HIGH
CVSS 7.5
Unauthenticated attackers can remotely access sensitive information in Microsoft Copilot Studio due to improper access controls, requiring no authentication or user interaction. This network-based vulnerability exposes confidential data to unauthorized disclosure with no patch currently available.
Command Injection
AI / ML
Copilot Studio
-
CVE-2026-21227
HIGH
CVSS 8.2
Privilege escalation in Azure Logic Apps results from improper path validation, enabling remote attackers to gain elevated access without authentication or user interaction. Organizations using Azure Logic Apps are at risk of unauthorized privilege elevation through network-based attacks, with no available patch currently provided.
Azure
Path Traversal
Azure Logic Apps
-
CVE-2026-20736
HIGH
CVSS 7.5
Gitea fails to properly validate repository ownership when processing attachment deletion requests, allowing an authenticated attacker to delete files from repositories they no longer have access to by routing deletion requests through a different accessible repository. This authorization bypass affects all users who have uploaded attachments to shared repositories and could result in loss of critical project documentation or resources. A patch is available to address this improper access control vulnerability.
Authentication Bypass
Gitea
Redhat
Suse
-
CVE-2026-1330
HIGH
CVSS 7.5
MeetingHub Paperless Meetings contains an arbitrary file read vulnerability that enables unauthenticated remote attackers to download sensitive system files through path traversal exploitation. The vulnerability affects all installations without authentication requirements, allowing attackers to access confidential data with high confidentiality impact. No patch is currently available for this issue.
Path Traversal
Meetinghub Paperless Meetings
-
CVE-2026-1329
HIGH
CVSS 8.8
Stack-based buffer overflow in Tenda AX1803 firmware version 1.0.0.1 allows unauthenticated remote attackers to execute arbitrary code by manipulating guest network parameters in the /goform/WifiGuestSet function. Public exploit code exists for this vulnerability, and no patch is currently available. This affects devices running the vulnerable firmware with network-accessible management interfaces.
Buffer Overflow
Stack Overflow
Ax1803 Firmware
-
CVE-2026-1328
HIGH
CVSS 8.8
Buffer overflow in Totolik NR1800X firmware allows authenticated remote attackers to achieve complete system compromise through malformed SSID parameters in the setWizardCfg POST handler. Public exploit code is available and no patch has been released, leaving affected devices vulnerable to remote code execution. This vulnerability requires valid credentials but presents critical risk given the device's network exposure and lack of mitigation options.
Buffer Overflow
Nr1800x Firmware
-
CVE-2026-1324
HIGH
CVSS 8.8
Operation And Maintenance Security Management System versions up to 3.0.12 are affected by command injection (CVSS 8.8).
Ssh
Command Injection
Operation And Maintenance Security Management System
-
CVE-2026-1260
HIGH
CVSS 7.8
Sentencepiece versions below 0.2.1 are vulnerable to memory corruption when processing specially crafted model files, allowing local authenticated attackers to crash the application or potentially execute arbitrary code. This vulnerability requires a malicious model file that deviates from standard training procedures, affecting AI/ML applications that use vulnerable Sentencepiece libraries. No patch is currently available.
Buffer Overflow
AI / ML
Sentencepiece
Redhat
-
CVE-2026-0723
HIGH
CVSS 7.4
GitLab CE/EE versions 18.6 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 are vulnerable to two-factor authentication bypass when an attacker has knowledge of a victim's credential ID and can forge device responses. This allows an unauthenticated attacker to circumvent 2FA protections and gain unauthorized access to accounts. No patch is currently available.
Gitlab
-
CVE-2026-0535
HIGH
CVSS 7.1
Stored XSS in Autodesk Fusion allows attackers to inject malicious HTML into component descriptions that executes when users click the payload, enabling local file theft or arbitrary code execution on affected systems. The vulnerability requires user interaction and local access but carries high impact due to the ability to compromise the desktop application's security context. A patch is available for remediation.
XSS
Fusion
-
CVE-2026-0534
HIGH
CVSS 7.1
Stored XSS in Autodesk Fusion allows attackers to inject malicious HTML into part attributes that executes when users interact with crafted files, potentially enabling local file access or arbitrary code execution. This desktop application vulnerability requires user interaction but can compromise system integrity through malicious file sharing. A patch is available.
XSS
Fusion
-
CVE-2026-0533
HIGH
CVSS 7.1
Stored XSS in Autodesk Fusion's design name field allows attackers to inject malicious HTML that executes when users view the delete confirmation dialog, potentially enabling arbitrary code execution or local file access on affected systems. An attacker must first craft a malicious design name that gets stored in the application, then socially engineer a user to interact with the deletion prompt to trigger the payload. A patch is available to address this vulnerability.
XSS
Fusion
-
CVE-2025-69822
HIGH
CVSS 7.4
An issue in Atomberg Atomberg Erica Smart Fan Firmware Version: V1.0.36 allows an attacker to obtain sensitive information and escalate privileges via a crafted deauth frame. [CVSS 7.4 HIGH]
Information Disclosure
Erica Smart Fan Firmware
-
CVE-2025-69821
HIGH
CVSS 7.4
Vega Smartwatch Firmware versions up to rb303atv006229 are affected by improper resource shutdown or release (CVSS 7.4).
Denial Of Service
Vega Smartwatch Firmware
-
CVE-2025-69321
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Spa grandspa allows Reflected XSS. This issue affects Grand Spa: from n/a through <= 3.5.5. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-69320
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Magazine grandmagazine allows Reflected XSS. This issue affects Grand Magazine: from n/a through <= 3.5.7. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-69319
HIGH
CVSS 7.5
Improper Control of Generation of Code ('Code Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Code Injection. This issue affects Beaver Builder: from n/a through <= 2.9.4.1. [CVSS 7.5 HIGH]
Code Injection
-
CVE-2025-69318
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hossni Mubarak JobWP jobwp allows Stored XSS. This issue affects JobWP: from n/a through <= 2.4.5. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-69314
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion. This issue affects Werkstatt: from n/a through < 4.8.3. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69313
HIGH
CVSS 7.5
Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PostX: from n/a through <= 5.0.3. [CVSS 7.5 HIGH]
Authentication Bypass
-
CVE-2025-69311
HIGH
CVSS 7.6
Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Broadstreet Ads: from n/a through <= 1.52.1. [CVSS 7.6 HIGH]
Authentication Bypass
-
CVE-2025-69293
HIGH
CVSS 8.8
Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation. This issue affects Final User: from n/a through <= 1.2.5. [CVSS 8.8 HIGH]
Privilege Escalation
-
CVE-2025-69292
HIGH
CVSS 8.8
Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation. This issue affects WP Membership: from n/a through <= 1.6.4. [CVSS 8.8 HIGH]
WordPress
Privilege Escalation
PHP
-
CVE-2025-69193
HIGH
CVSS 7.3
Missing Authorization vulnerability in e-plugins WP Membership wp-membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Membership: from n/a through <= 1.6.4. [CVSS 7.3 HIGH]
WordPress
PHP
-
CVE-2025-69192
HIGH
CVSS 7.3
Missing Authorization vulnerability in e-plugins Real Estate Pro real-estate-pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Real Estate Pro: from n/a through <= 2.1.5. [CVSS 7.3 HIGH]
Authentication Bypass
-
CVE-2025-69191
HIGH
CVSS 7.3
Missing Authorization vulnerability in e-plugins ListingHub listinghub allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ListingHub: from n/a through <= 1.2.7. [CVSS 7.3 HIGH]
Authentication Bypass
-
CVE-2025-69190
HIGH
CVSS 7.3
Missing Authorization vulnerability in e-plugins Listihub listihub allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Listihub: from n/a through <= 1.0.6. [CVSS 7.3 HIGH]
Authentication Bypass
-
CVE-2025-69188
HIGH
CVSS 7.3
Missing Authorization vulnerability in e-plugins fitness-trainer fitness-trainer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects fitness-trainer: from n/a through <= 1.7.1. [CVSS 7.3 HIGH]
Authentication Bypass
-
CVE-2025-69187
HIGH
CVSS 7.3
Missing Authorization vulnerability in e-plugins Final User final-user allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Final User: from n/a through <= 1.2.5. [CVSS 7.3 HIGH]
Authentication Bypass
-
CVE-2025-69186
HIGH
CVSS 7.3
e-plugins Hospital Doctor Directory hospital-doctor-directory is affected by missing authorization (CVSS 7.3).
Authentication Bypass
-
CVE-2025-69185
HIGH
CVSS 7.3
Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hotel Listing: from n/a through <= 1.4.2. [CVSS 7.3 HIGH]
Authentication Bypass
-
CVE-2025-69184
HIGH
CVSS 7.3
e-plugins Institutions Directory institutions-directory is affected by missing authorization (CVSS 7.3).
Authentication Bypass
-
CVE-2025-69183
HIGH
CVSS 8.8
e-plugins Hospital Doctor Directory hospital-doctor-directory contains a security vulnerability (CVSS 8.8).
Privilege Escalation
-
CVE-2025-69182
HIGH
CVSS 8.8
e-plugins Institutions Directory institutions-directory contains a security vulnerability (CVSS 8.8).
Privilege Escalation
-
CVE-2025-69181
HIGH
CVSS 7.3
Missing Authorization vulnerability in e-plugins Lawyer Directory lawyer-directory allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Lawyer Directory: from n/a through <= 1.3.4. [CVSS 7.3 HIGH]
Authentication Bypass
-
CVE-2025-69180
HIGH
CVSS 8.8
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in themepassion Ultra Portfolio ultra-portfolio allows Blind SQL Injection. This issue affects Ultra Portfolio: from n/a through <= 6.7. [CVSS 8.8 HIGH]
SQLi
-
CVE-2025-69102
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Boopathi Rajan WP Test Email wp-test-email allows Reflected XSS. This issue affects WP Test Email: from n/a through <= 1.1.7. [CVSS 7.1 HIGH]
WordPress
XSS
PHP
-
CVE-2025-69100
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes North north-wp allows PHP Local File Inclusion. This issue affects North: from n/a through <= 5.7.5. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69099
HIGH
CVSS 8.8
Deserialization of Untrusted Data vulnerability in fuelthemes North north-wp allows Object Injection. This issue affects North: from n/a through <= 5.7.5. [CVSS 8.8 HIGH]
Deserialization
-
CVE-2025-69097
HIGH
CVSS 8.1
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal. This issue affects WPLMS: from n/a through <= 1.9.9.5.4. [CVSS 8.1 HIGH]
Path Traversal
-
CVE-2025-69078
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Malta malta allows PHP Local File Inclusion. This issue affects Malta: from n/a through <= 1.3.3. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69077
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Hobo hobo allows PHP Local File Inclusion. This issue affects Hobo: from n/a through <= 1.0.10. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69076
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Modern Housewife modernhousewife allows PHP Local File Inclusion. This issue affects Modern Housewife: from n/a through <= 1.0.12. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69075
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Yolox yolox allows PHP Local File Inclusion. This issue affects Yolox: from n/a through <= 1.0.15. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69074
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Pearson Specter pearsonspecter allows PHP Local File Inclusion. This issue affects Pearson Specter: from n/a through <= 1.11.3. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69073
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Piqes piqes allows PHP Local File Inclusion. This issue affects Piqes: from n/a through <= 1.0.11. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69072
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Prider prider allows PHP Local File Inclusion. This issue affects Prider: from n/a through <= 1.1.3.1. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69071
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes TanTum tantum allows PHP Local File Inclusion. This issue affects TanTum: from n/a through <= 1.1.13. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69070
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Tornados tornados allows PHP Local File Inclusion. This issue affects Tornados: from n/a through <= 2.1. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69068
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Muji muji allows PHP Local File Inclusion. This issue affects Muji: from n/a through <= 1.2.0. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69067
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Tails tails allows PHP Local File Inclusion. This issue affects Tails: from n/a through <= 1.4.12. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69066
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Indoor Plants indoor-plants allows PHP Local File Inclusion. This issue affects Indoor Plants: from n/a through <= 1.2.7. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69065
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Snow Mountain snowmountain allows PHP Local File Inclusion. This issue affects Snow Mountain: from n/a through <= 1.4.3. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69064
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Pets Land petsland allows PHP Local File Inclusion. This issue affects Pets Land: from n/a through <= 1.2.8. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69062
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Weedles weedles allows PHP Local File Inclusion. This issue affects Weedles: from n/a through <= 1.1.12. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69061
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes MoveMe moveme allows PHP Local File Inclusion. This issue affects MoveMe: from n/a through <= 1.2.15. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69060
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes uReach ureach allows PHP Local File Inclusion. This issue affects uReach: from n/a through <= 1.3.3. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69059
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes DiveIt diveit allows PHP Local File Inclusion. This issue affects DiveIt: from n/a through <= 1.4.3. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69058
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes PartyMaker partymaker allows PHP Local File Inclusion. This issue affects PartyMaker: from n/a through <= 1.1.15. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69057
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Eldon eldon allows PHP Local File Inclusion. This issue affects Eldon: from n/a through <= 1.0. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69056
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Hotel Listing hotel-listing allows Reflected XSS. This issue affects Hotel Listing: from n/a through <= 1.4.0. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-69054
HIGH
CVSS 7.1
highwarden Super Logos Showcase superlogoshowcase-wp is affected by cross-site scripting (xss) (CVSS 7.1).
XSS
-
CVE-2025-69053
HIGH
CVSS 7.1
LambertGroup Universal Video Player universal-video-player is affected by cross-site scripting (xss) (CVSS 7.1).
XSS
-
CVE-2025-69051
HIGH
CVSS 7.1
CridioStudio ListingPro Reviews listingpro-reviews is affected by cross-site scripting (xss) (CVSS 7.1).
XSS
-
CVE-2025-69050
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Overworld overworld allows PHP Local File Inclusion. This issue affects Overworld: from n/a through <= 1.3. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69049
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Töbel tobel allows PHP Local File Inclusion. This issue affects Töbel: from n/a through <= 1.6. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69048
HIGH
CVSS 7.1
LambertGroup Universal Video Player universal-video-player is affected by cross-site scripting (xss) (CVSS 7.1).
XSS
-
CVE-2025-69047
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech MaxShop sw_maxshop allows PHP Local File Inclusion. This issue affects MaxShop: from n/a through <= 3.6.20. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69046
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebGeniusLab iRecco Core irecco-core allows PHP Local File Inclusion. This issue affects iRecco Core: from n/a through <= 1.3.6. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69045
HIGH
CVSS 8.5
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FooEvents FooEvents for WooCommerce fooevents allows SQL Injection. This issue affects FooEvents for WooCommerce: from n/a through <= 1.20.4. [CVSS 8.5 HIGH]
WordPress
SQLi
PHP
-
CVE-2025-69044
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Vango vango allows PHP Local File Inclusion. This issue affects Vango: from n/a through <= 1.3.3. [CVSS 8.1 HIGH]
PHP
Golang
Lfi
-
CVE-2025-69043
HIGH
CVSS 8.2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Rashy rashy allows PHP Local File Inclusion. This issue affects Rashy: from n/a through <= 1.1.3. [CVSS 8.2 HIGH]
PHP
Lfi
-
CVE-2025-69042
HIGH
CVSS 8.2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Lindo lindo allows PHP Local File Inclusion. This issue affects Lindo: from n/a through <= 1.2.5. [CVSS 8.2 HIGH]
PHP
Lfi
-
CVE-2025-69041
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Dekoro dekoro allows PHP Local File Inclusion. This issue affects Dekoro: from n/a through <= 1.0.7. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69040
HIGH
CVSS 8.2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Bfres bfres allows PHP Local File Inclusion. This issue affects Bfres: from n/a through <= 1.2.1. [CVSS 8.2 HIGH]
PHP
Lfi
-
CVE-2025-69039
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Bailly bailly allows PHP Local File Inclusion. This issue affects Bailly: from n/a through <= 1.3.4. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69038
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Hyori hyori allows PHP Local File Inclusion. This issue affects Hyori: from n/a through <= 1.3.6. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69037
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Pippo pippo allows PHP Local File Inclusion. This issue affects Pippo: from n/a through <= 1.2.3. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-69036
HIGH
CVSS 8.8
strongholdthemes Tech Life CPT techlife-cpt is affected by deserialization of untrusted data (CVSS 8.8).
Deserialization
-
CVE-2025-69035
HIGH
CVSS 8.8
strongholdthemes Dental Care CPT dentalcare-cpt is affected by deserialization of untrusted data (CVSS 8.8).
Deserialization
-
CVE-2025-69005
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Search & Go search-and-go allows PHP Local File Inclusion. This issue affects Search & Go: from n/a through <= 2.8. [CVSS 8.1 HIGH]
PHP
Golang
Lfi
-
CVE-2025-69004
HIGH
CVSS 8.1
XpeedStudio Bajaar - Highly Customizable WooCommerce WordPress Theme bajaar is affected by php remote file inclusion (CVSS 8.1).
WordPress
PHP
Lfi
-
CVE-2025-69003
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QantumThemes KenthaRadio qt-kentharadio allows Reflected XSS. This issue affects KenthaRadio: from n/a through <= 2.2.0. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-69002
HIGH
CVSS 8.8
Deserialization of Untrusted Data vulnerability in designthemes OneLife onelife allows Object Injection. This issue affects OneLife: from n/a through <= 3.9. [CVSS 8.8 HIGH]
Deserialization
-
CVE-2025-68999
HIGH
CVSS 8.5
HappyMonster Happy Addons for Elementor happy-elementor-addons is affected by sql injection (CVSS 8.5).
SQLi
-
CVE-2025-68913
HIGH
CVSS 7.5
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zozothemes Miion miion allows PHP Local File Inclusion. This issue affects Miion: from n/a through <= 1.2.7. [CVSS 7.5 HIGH]
PHP
Lfi
-
CVE-2025-68912
HIGH
CVSS 8.6
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Harmonic Design HDForms hdforms allows Path Traversal. This issue affects HDForms: from n/a through <= 1.6.1. [CVSS 8.6 HIGH]
Path Traversal
-
CVE-2025-68908
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in temash Barberry barberry allows PHP Local File Inclusion. This issue affects Barberry: from n/a through <= 2.9.9.87. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-68907
HIGH
CVSS 7.5
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AivahThemes Hostme v2 hostmev2 allows Path Traversal. This issue affects Hostme v2: from n/a through <= 7.0. [CVSS 7.5 HIGH]
Path Traversal
-
CVE-2025-68906
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jegtheme JNews - Video jnews-video allows Reflected XSS. This issue affects JNews - Video: from n/a through <= 11.0.2. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68905
HIGH
CVSS 7.5
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jegtheme JNews - Pay Writer jnews-pay-writer allows PHP Local File Inclusion. This issue affects JNews - Pay Writer: from n/a through <= 11.0.0. [CVSS 7.5 HIGH]
PHP
Lfi
-
CVE-2025-68904
HIGH
CVSS 7.1
jegtheme JNews - Frontend Submit jnews-frontend-submit is affected by cross-site scripting (xss) (CVSS 7.1).
XSS
-
CVE-2025-68903
HIGH
CVSS 8.8
Deserialization of Untrusted Data vulnerability in AivahThemes Anona anona allows Object Injection. This issue affects Anona: from n/a through <= 8.0. [CVSS 8.8 HIGH]
Deserialization
-
CVE-2025-68902
HIGH
CVSS 7.3
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AivahThemes Anona anona allows Path Traversal. This issue affects Anona: from n/a through <= 8.0. [CVSS 7.3 HIGH]
Path Traversal
-
CVE-2025-68901
HIGH
CVSS 8.6
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AivahThemes Anona anona allows Path Traversal. This issue affects Anona: from n/a through <= 8.0. [CVSS 8.6 HIGH]
Path Traversal
-
CVE-2025-68899
HIGH
CVSS 8.8
Deserialization of Untrusted Data vulnerability in designthemes Vivagh vivagh allows Object Injection. This issue affects Vivagh: from n/a through <= 2.4. [CVSS 8.8 HIGH]
Deserialization
-
CVE-2025-68894
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shoutoutglobal ShoutOut shoutout allows Reflected XSS. This issue affects ShoutOut: from n/a through <= 4.0.2. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68884
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arevico WP Simple Redirect wp-simple-redirect allows Reflected XSS. This issue affects WP Simple Redirect: from n/a through <= 1.1. [CVSS 7.1 HIGH]
WordPress
XSS
PHP
-
CVE-2025-68883
HIGH
CVSS 7.1
extremeidea bidorbuy Store Integrator bidorbuystoreintegrator is affected by cross-site scripting (xss) (CVSS 7.1).
XSS
-
CVE-2025-68882
HIGH
CVSS 7.5
Missing Authorization vulnerability in Scalenut Scalenut scalenut allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Scalenut: from n/a through <= 1.1.3. [CVSS 7.5 HIGH]
Authentication Bypass
-
CVE-2025-68881
HIGH
CVSS 8.5
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal AppExperts appexperts allows SQL Injection. This issue affects AppExperts: from n/a through <= 1.4.5. [CVSS 8.5 HIGH]
SQLi
-
CVE-2025-68871
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in noCreativity Dooodl dooodl allows Reflected XSS. This issue affects Dooodl: from n/a through <= 2.3.0. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68866
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woofer696 Dinatur dinatur allows Stored XSS. This issue affects Dinatur: from n/a through <= 1.18. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68864
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infility Infility Global infility-global allows Stored XSS. This issue affects Infility Global: from n/a through <= 2.14.50. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68859
HIGH
CVSS 7.1
agmorpheus Syntax Highlighter Compress syntax-highlighter-compress is affected by cross-site scripting (xss) (CVSS 7.1).
XSS
-
CVE-2025-68858
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Casey Bisson wpCAS wpcas allows Reflected XSS. This issue affects wpCAS: from n/a through <= 1.07. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68849
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Frank Corso Quote Master quote-master allows Reflected XSS. This issue affects Quote Master: from n/a through <= 7.1.1. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68839
HIGH
CVSS 7.1
Remi Corson Easy Theme Options easy-theme-options is affected by cross-site scripting (xss) (CVSS 7.1).
XSS
-
CVE-2025-68838
HIGH
CVSS 7.1
expresstechsoftware MemberPress Discord Addon expresstechsoftwares-memberpress-discord-add-on is affected by cross-site scripting (xss) (CVSS 7.1).
XSS
-
CVE-2025-68835
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matiskiba Ravpage ravpage allows Reflected XSS. This issue affects Ravpage: from n/a through <= 2.33. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68538
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Craft craftcoffee allows DOM-Based XSS. This issue affects Craft: from n/a through <= 2.3.6. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68520
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods DotLife dotlife allows Reflected XSS. This issue affects DotLife: from n/a through < 4.9.5. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68518
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Hoteller hoteller allows Reflected XSS. This issue affects Hoteller: from n/a through < 6.8.9. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68510
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeGoods Photography photography allows PHP Local File Inclusion. This issue affects Photography: from n/a through < 7.7.5. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-68059
HIGH
CVSS 7.6
Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hotel Listing: from n/a through <= 1.4.2. [CVSS 7.6 HIGH]
Authentication Bypass
-
CVE-2025-68058
HIGH
CVSS 7.6
e-plugins Institutions Directory institutions-directory is affected by missing authorization (CVSS 7.6).
Authentication Bypass
-
CVE-2025-68057
HIGH
CVSS 7.6
e-plugins Hospital Doctor Directory hospital-doctor-directory is affected by missing authorization (CVSS 7.6).
Authentication Bypass
-
CVE-2025-68047
HIGH
CVSS 8.8
Deserialization of Untrusted Data vulnerability in Arraytics Eventin wp-event-solution allows Object Injection. This issue affects Eventin: from n/a through <= 4.1.1. [CVSS 8.8 HIGH]
Deserialization
-
CVE-2025-68041
HIGH
CVSS 7.1
codisto Omnichannel for WooCommerce codistoconnect is affected by cross-site scripting (xss) (CVSS 7.1).
WordPress
XSS
PHP
-
CVE-2025-68035
HIGH
CVSS 7.5
Insertion of Sensitive Information Into Sent Data vulnerability in tabbyai Tabby Checkout tabby-checkout allows Retrieve Embedded Sensitive Data. This issue affects Tabby Checkout: from n/a through <= 5.8.4. [CVSS 7.5 HIGH]
Information Disclosure
-
CVE-2025-68030
HIGH
CVSS 7.2
WP Messiah Frontis Blocks frontis-blocks is affected by server-side request forgery (ssrf) (CVSS 7.2).
SSRF
-
CVE-2025-68027
HIGH
CVSS 7.3
Incorrect Privilege Assignment vulnerability in Themefic Hydra Booking hydra-booking allows Privilege Escalation. This issue affects Hydra Booking: from n/a through <= 1.1.32. [CVSS 7.3 HIGH]
Privilege Escalation
-
CVE-2025-68017
HIGH
CVSS 7.5
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Antideo Antideo Email Validator antideo-email-validator allows Blind SQL Injection. This issue affects Antideo Email Validator: from n/a through <= 1.0.10. [CVSS 7.5 HIGH]
SQLi
-
CVE-2025-68012
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dmytro Shteflyuk CodeColorer codecolorer allows Stored XSS. This issue affects CodeColorer: from n/a through <= 0.10.1. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68011
HIGH
CVSS 7.1
GLS GLS Shipping for WooCommerce gls-shipping-for-woocommerce is affected by cross-site scripting (xss) (CVSS 7.1).
WordPress
XSS
PHP
-
CVE-2025-68010
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in netgsm Netgsm netgsm allows Reflected XSS. This issue affects Netgsm: from n/a through <= 2.9.63. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-68008
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mndpsingh287 WP Mail wp-mail allows Reflected XSS. This issue affects WP Mail: from n/a through <= 1.3. [CVSS 7.1 HIGH]
WordPress
XSS
PHP
-
CVE-2025-68004
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kapil Chugh My Post Order my-posts-order allows Reflected XSS. This issue affects My Post Order: from n/a through <= 1.2.1.1. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-67967
HIGH
CVSS 7.6
Missing Authorization vulnerability in e-plugins Lawyer Directory lawyer-directory allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Lawyer Directory: from n/a through <= 1.3.3. [CVSS 7.6 HIGH]
Authentication Bypass
-
CVE-2025-67966
HIGH
CVSS 8.8
Incorrect Privilege Assignment vulnerability in e-plugins Lawyer Directory lawyer-directory allows Privilege Escalation. This issue affects Lawyer Directory: from n/a through <= 1.3.3. [CVSS 8.8 HIGH]
Privilege Escalation
-
CVE-2025-67964
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Homey Core homey-core allows Reflected XSS. This issue affects Homey Core: from n/a through <= 2.4.3. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-67963
HIGH
CVSS 8.6
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ovatheme Movie Booking movie-booking allows Path Traversal. This issue affects Movie Booking: from n/a through <= 1.1.5. [CVSS 8.6 HIGH]
Path Traversal
-
CVE-2025-67960
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS. This issue affects WorkScout-Core: from n/a through <= 1.7.06. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-67959
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in purethemes WorkScout workscout allows Reflected XSS. This issue affects WorkScout: from n/a through <= 4.1.07. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-67957
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TangibleWP Listivo Core listivo-core allows PHP Local File Inclusion. This issue affects Listivo Core: from n/a through <= 2.3.77. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-67956
HIGH
CVSS 8.2
Missing Authorization vulnerability in wpeverest User Registration user-registration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects User Registration: from n/a through <= 4.4.6. [CVSS 8.2 HIGH]
Authentication Bypass
-
CVE-2025-67955
HIGH
CVSS 7.5
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TangibleWP MyHome Core myhome-core allows PHP Local File Inclusion. This issue affects MyHome Core: from n/a through <= 4.1.0. [CVSS 7.5 HIGH]
PHP
Lfi
-
CVE-2025-67953
HIGH
CVSS 8.1
Booking Activities Team Booking Activities booking-activities contains a security vulnerability (CVSS 8.1).
Privilege Escalation
-
CVE-2025-67952
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS. This issue affects Grand Tour: from n/a through < 5.6.2. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-67949
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designingmedia Hostiko hostiko allows Reflected XSS. This issue affects Hostiko: from n/a through < 94.3.6. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-67947
HIGH
CVSS 7.1
scriptsbundle AdForest Elementor adforest-elementor is affected by cross-site scripting (xss) (CVSS 7.1).
XSS
-
CVE-2025-67946
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in scriptsbundle AdForest adforest allows PHP Local File Inclusion. This issue affects AdForest: from n/a through <= 6.0.11. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-67943
HIGH
CVSS 7.1
wphocus My auctions allegro my-auctions-allegro-free-edition is affected by cross-site scripting (xss) (CVSS 7.1).
XSS
-
CVE-2025-67941
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes The Aisle theaisle allows PHP Local File Inclusion. This issue affects The Aisle: from n/a through < 2.9.1. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-67940
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Powerlift powerlift allows PHP Local File Inclusion. This issue affects Powerlift: from n/a through < 3.2.1. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-67938
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Biagiotti biagiotti allows PHP Local File Inclusion. This issue affects Biagiotti: from n/a through < 3.5.2. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-67923
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS. This issue affects JetEngine: from n/a through <= 3.7.7. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-67684
HIGH
CVSS 7.2
Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart allows a privileged user to upload arbitrary file contents while only validating the filename extension. [CVSS 7.2 HIGH]
PHP
RCE
Lfi
Path Traversal
Quick.Cart
-
CVE-2025-67620
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CleverSoft Anon anon2x allows Reflected XSS. This issue affects Anon: from n/a through <= 2.2.10. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-67619
HIGH
CVSS 8.8
Deserialization of Untrusted Data vulnerability in designthemes Kids Heaven kids-world allows Object Injection. This issue affects Kids Heaven: from n/a through <= 3.2. [CVSS 8.8 HIGH]
Deserialization
-
CVE-2025-67616
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Mella mella allows PHP Local File Inclusion. This issue affects Mella: from n/a through <= 1.2.29. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-67615
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in bslthemes Myour myour allows PHP Local File Inclusion. This issue affects Myour: from n/a through <= 1.5.1. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-67614
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in foreverpinetree TheNa thena allows Reflected XSS. This issue affects TheNa: from n/a through <= 1.5.5. [CVSS 7.1 HIGH]
XSS
-
CVE-2025-67221
HIGH
CVSS 7.5
The orjson.dumps function in orjson through 3.11.4 does not limit recursion for deeply nested JSON documents, so serializing a sufficiently deep object can exhaust the stack and crash the process. [CVSS 7.5 HIGH]
Denial Of Service
Orjson
Redhat
Suse
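The practical mitigation until the fixed orjson ships is to bound nesting before handing an object to the serializer. The check below is an added example, not orjson's code: it walks the object with an explicit stack (so the guard itself cannot hit the interpreter's recursion limit on hostile input), rejects anything deeper than an assumed policy limit, and only then serializes. json.dumps stands in for orjson.dumps so the block runs without the dependency; MAX_DEPTH and the helper names are assumptions.

```python
import json

MAX_DEPTH = 64  # assumed policy limit; set it from your schema's real depth


def nesting_depth(obj, limit=MAX_DEPTH):
    """Return the container nesting depth of obj (dict/list/tuple), raising
    ValueError as soon as it exceeds limit. Iterative on purpose: a recursive
    checker would itself overflow on the input it is meant to reject."""
    depth = 0
    stack = [(obj, 1)]
    while stack:
        node, d = stack.pop()
        if not isinstance(node, (dict, list, tuple)):
            continue  # scalars do not add nesting
        if d > limit:
            raise ValueError(f"nesting depth exceeds {limit}")
        depth = max(depth, d)
        children = node.values() if isinstance(node, dict) else node
        stack.extend((child, d + 1) for child in children)
    return depth


def safe_dumps(obj, limit=MAX_DEPTH):
    """Serialize obj only after its depth has been bounded. json.dumps is a
    stand-in for orjson.dumps here (assumption for an offline example)."""
    nesting_depth(obj, limit)
    return json.dumps(obj)


def hostile_document(depth):
    """Constructed input: a list nested `depth` levels, built without recursion."""
    doc = []
    for _ in range(depth - 1):
        doc = [doc]
    return doc
```

The guard belongs at the trust boundary (the request handler that receives the document), not next to every dumps call; on the affected versions a depth of a few tens of thousands is enough to crash the worker.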
-
CVE-2025-66428
HIGH
CVSS 8.8
An issue with WordPress directory names in WebPros WordPress Toolkit versions up to 6.9.1 is affected by path traversal (CVSS 8.8).
WordPress
Privilege Escalation
PHP
-
CVE-2025-66138
HIGH
CVSS 8.8
merkulove Motionger for Elementor motionger-elementor is affected by missing authorization (CVSS 8.8).
Authentication Bypass
-
CVE-2025-66137
HIGH
CVSS 8.8
Missing Authorization vulnerability in merkulove Searcher for Elementor searcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Searcher for Elementor: from n/a through <= 1.0.3. [CVSS 8.8 HIGH]
Authentication Bypass
-
CVE-2025-66136
HIGH
CVSS 8.8
Missing Authorization vulnerability in merkulove Carter for Elementor carter-elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Carter for Elementor: from n/a through <= 1.0.2. [CVSS 8.8 HIGH]
Authentication Bypass
-
CVE-2025-66135
HIGH
CVSS 8.8
Missing Authorization vulnerability in merkulove Imager for Elementor imager-elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Imager for Elementor: from n/a through <= 2.0.4. [CVSS 8.8 HIGH]
Authentication Bypass
-
CVE-2025-65098
HIGH
CVSS 7.4
Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. [CVSS 7.4 HIGH]
AI / ML
Typebot
-
CVE-2025-63019
HIGH
CVSS 7.5
Johan Jonk Stenström Cookies and Content Security Policy cookies-and-content-security-policy contains a security vulnerability (CVSS 7.5).
Information Disclosure
-
CVE-2025-63018
HIGH
CVSS 8.8
Missing Authorization vulnerability in wproyal Bard bard allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bard: from n/a through <= 2.229. [CVSS 8.8 HIGH]
Authentication Bypass
-
CVE-2025-63017
HIGH
CVSS 7.5
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion. This issue affects WerkStatt Plugin: from n/a through <= 1.6.6. [CVSS 7.5 HIGH]
PHP
Lfi
-
CVE-2025-62106
HIGH
CVSS 8.8
Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP-CRM System: from n/a through <= 3.4.5. [CVSS 8.8 HIGH]
WordPress
PHP
-
CVE-2025-56589
HIGH
CVSS 7.5
A Local File Inclusion (LFI) and a Server-Side Request Forgery (SSRF) vulnerability were found in the InsertFromHtmlString() function of the Apryse HTML2PDF SDK through 11.6.0: HTML passed to the converter can reference local files and remote URLs that the server then fetches. [CVSS 7.5 HIGH]
SSRF
Lfi
Html2pdf
-
CVE-2025-55705
HIGH
CVSS 7.3
This vulnerability occurs when the system permits multiple simultaneous connections to the backend using the same charging station ID. This can result in unauthorized access, data inconsistency, or potential manipulation of charging sessions. [CVSS 7.3 HIGH]
Authentication Bypass
Evmapa
-
CVE-2025-54002
HIGH
CVSS 8.8
Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects xSmart: from n/a through <= 1.2.9.4. [CVSS 8.8 HIGH]
Authentication Bypass
-
CVE-2025-53968
HIGH
CVSS 7.5
This vulnerability arises because there are no limitations on the number of authentication attempts a user can make. An attacker can exploit this weakness by continuously sending authentication requests, leading to a denial-of-service (DoS) condition. [CVSS 7.5 HIGH]
Denial Of Service
Authentication Bypass
Evmapa
-
CVE-2025-50007
HIGH
CVSS 8.8
Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation. This issue affects xSmart: from n/a through <= 1.2.9.4. [CVSS 8.8 HIGH]
Privilege Escalation
-
CVE-2025-50004
HIGH
CVSS 8.5
Deserialization of Untrusted Data vulnerability in artbees JupiterX Core jupiterx-core allows Object Injection. This issue affects JupiterX Core: from n/a through <= 4.10.1. [CVSS 8.5 HIGH]
Deserialization
-
CVE-2025-49375
HIGH
CVSS 8.8
Missing Authorization vulnerability in cozythemes HomeLancer homelancer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HomeLancer: from n/a through <= 1.0.1. [CVSS 8.8 HIGH]
Authentication Bypass
-
CVE-2025-49050
HIGH
CVSS 8.8
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection. This issue affects WP Lead Capturing Pages: from n/a through <= 2.5. [CVSS 8.8 HIGH]
WordPress
SQLi
PHP
-
CVE-2025-49049
HIGH
CVSS 8.8
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ZoomIt DZS Video Gallery dzs-videogallery allows SQL Injection. This issue affects DZS Video Gallery: from n/a through <= 12.37. [CVSS 8.8 HIGH]
SQLi
-
CVE-2025-47555
HIGH
CVSS 8.1
Authorization Bypass Through User-Controlled Key vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tutor LMS: from n/a through <= 3.9.4. [CVSS 8.1 HIGH]
Authentication Bypass
-
CVE-2025-36588
HIGH
CVSS 8.8
Dell Unisphere for PowerMax versions 10.2.0.x contain an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to command execution. [CVSS 8.8 HIGH]
SQLi
Unisphere For Powermax Virtual Appliance
Unisphere For Powermax
-
CVE-2025-31413
HIGH
CVSS 8.8
bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite is affected by cross-site request forgery (csrf) (CVSS 8.8).
CSRF
-
CVE-2025-27380
HIGH
CVSS 7.6
HTML injection in Project Release in Altium Enterprise Server (AES) 7.0.3 on all platforms allows an authenticated attacker to execute arbitrary JavaScript in the victim’s browser via crafted HTML content. [CVSS 7.6 HIGH]
RCE
XSS
On Prem Enterprise Server
-
CVE-2025-27378
HIGH
CVSS 8.6
AES contains a SQL injection vulnerability due to an inactive configuration that prevents the latest SQL parsing logic from being applied. When this configuration is not enabled, crafted input may be improperly handled, allowing attackers to inject and execute arbitrary SQL queries. [CVSS 8.6 HIGH]
SQLi
On Prem Enterprise Server
-
CVE-2025-13928
HIGH
CVSS 7.5
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to cause a denial of service condition by exploiting incorrect authorization validation in API endpoints. [CVSS 7.5 HIGH]
Gitlab
Denial Of Service
-
CVE-2025-13927
HIGH
CVSS 7.5
GitLab versions up to 18.6.4 are affected by allocation of resources without limits or throttling (CVSS 7.5).
Gitlab
Denial Of Service
-
CVE-2025-10856
HIGH
CVSS 8.1
Solvera Software Services Trade Inc. Teknoera is affected by unrestricted upload of file with dangerous type (CVSS 8.1).
File Upload
-
CVE-2025-10855
HIGH
CVSS 7.5
Solvera Software Services Trade Inc. Teknoera is affected by authorization bypass through user-controlled key (CVSS 7.5).
Authentication Bypass
-
CVE-2025-10024
HIGH
CVSS 7.5
EXERT Computer Technologies Software Ltd. Co. Education Management System is affected by authorization bypass through user-controlled key (CVSS 7.5).
Authentication Bypass
-
CVE-2025-5805
HIGH
CVSS 8.8
Missing Authorization vulnerability in Ninetheme Electron electron allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Electron: from n/a through <= 1.8.2. [CVSS 8.8 HIGH]
Authentication Bypass
-
CVE-2025-4764
HIGH
CVSS 8.0
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows SQL Injection. This issue affects Hotel Guest Hotspot: through 22012026. [CVSS 8.0 HIGH]
SQLi
Hotel Guest Hotspot
-
CVE-2026-24389
MEDIUM
CVSS 6.5
WP Chill Gallery PhotoBlocks photoblocks-grid-gallery is affected by cross-site scripting (xss) (CVSS 6.5).
XSS
-
CVE-2026-24388
MEDIUM
CVSS 4.3
WPMasterToolKit through version 2.14.0 contains an authorization bypass vulnerability that allows authenticated users to modify data due to improperly enforced access controls. An attacker with valid credentials can exploit this flaw to perform unauthorized actions beyond their intended permission level. A security patch is not currently available.
Authentication Bypass
-
CVE-2026-24387
MEDIUM
CVSS 4.3
Arul Prasad J WP Quick Post Duplicator wp-quick-post-duplicator is affected by missing authorization (CVSS 4.3).
WordPress
-
CVE-2026-24386
MEDIUM
CVSS 4.3
Element Invader Template Kits for Elementor versions up to 1.2.4 contain an authorization bypass vulnerability that allows authenticated users to access resources or functionality beyond their intended permission level. An attacker with valid login credentials could exploit improperly configured access controls to view or manipulate sensitive data. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-24384
MEDIUM
CVSS 5.4
The Merge + Minify + Refresh WordPress plugin through version 2.14 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to perform unauthorized actions on behalf of authenticated users. An attacker can craft malicious requests to trick site administrators into executing unintended operations, potentially compromising website functionality or configuration. No patch is currently available for this vulnerability.
CSRF
-
CVE-2026-24383
MEDIUM
CVSS 6.5
DOM-based cross-site scripting in bPlugins B Slider through version 2.0.6 enables authenticated attackers to inject malicious scripts that execute in users' browsers with network access. An attacker with user privileges can exploit improper input neutralization during web page generation to steal session tokens, perform unauthorized actions, or redirect victims to malicious sites. No patch is currently available for this vulnerability.
XSS
-
CVE-2026-24381
MEDIUM
CVSS 5.4
ThemeGoods PhotoMe versions below 5.7.2 contain a server-side request forgery vulnerability that allows unauthenticated attackers to perform arbitrary HTTP requests on behalf of the affected server. The vulnerability requires user interaction to exploit and can lead to information disclosure or unintended modifications on the target system. No patch is currently available.
SSRF
-
CVE-2026-24374
MEDIUM
CVSS 5.4
Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager is affected by cross-site request forgery (csrf) (CVSS 5.4).
CSRF
-
CVE-2026-24366
MEDIUM
CVSS 5.3
YITHEMES YITH WooCommerce Request A Quote yith-woocommerce-request-a-quote is affected by missing authorization (CVSS 5.3).
WordPress
-
CVE-2026-24365
MEDIUM
CVSS 5.4
storeapps Stock Manager for WooCommerce woocommerce-stock-manager is affected by cross-site request forgery (csrf) (CVSS 5.4).
WordPress
CSRF
-
CVE-2026-24361
MEDIUM
CVSS 6.5
ThimPress LearnPress Course Review plugin through version 4.1.9 is vulnerable to stored cross-site scripting (XSS) that allows authenticated users with insufficient input validation to inject malicious scripts into course reviews. An attacker with user privileges can exploit this to execute arbitrary JavaScript in other users' browsers, potentially stealing session tokens or performing unauthorized actions on their behalf. No patch is currently available for this vulnerability.
XSS
-
CVE-2026-24360
MEDIUM
CVSS 4.6
Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting is affected by server-side request forgery (ssrf) (CVSS 4.6).
SSRF
-
CVE-2026-24355
MEDIUM
CVSS 5.4
favethemes Houzez Theme - Functionality houzez-theme-functionality is affected by cross-site scripting (xss) (CVSS 5.4).
XSS
-
CVE-2026-24354
MEDIUM
CVSS 6.5
DOM-based cross-site scripting in PenciDesign Penci Shortcodes & Performance plugin versions 6.1 and earlier allows authenticated attackers to inject malicious scripts that execute in users' browsers. An attacker with user-level privileges can exploit improper input neutralization during page generation to steal session cookies, perform unauthorized actions, or deface content for affected users. No patch is currently available for this vulnerability.
XSS
-
CVE-2026-24332
MEDIUM
CVSS 4.3
Discord's WebSocket API inadvertently discloses whether users have set their status to Invisible rather than offline by including them in the presences array, contradicting the privacy expectation that Invisible users appear completely offline. An authenticated attacker can exploit this information disclosure to determine the true online status of Discord users. No patch is currently available as of January 2026.
Information Disclosure
-
CVE-2026-24130
MEDIUM
CVSS 5.3
Moonraker versions 0.9.3 and below with LDAP authentication enabled are susceptible to LDAP injection attacks through the login endpoint, enabling attackers to enumerate valid user IDs and attributes via response analysis. An unauthenticated remote attacker can exploit this vulnerability to discover LDAP directory information without requiring valid credentials. A patch is available in version 0.10.0 and later.
Python
Ldap
Moonraker
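The enumeration described above works because the login name is spliced into an LDAP search filter as-is, so filter metacharacters in the username change the query rather than being matched literally. The block below is an added example, not Moonraker's code: it shows the vulnerable string-formatting pattern beside a version that escapes the value per RFC 4515, and returns the resulting filter strings so no directory server is needed. The base filter, the attribute names and the function names are assumptions.

```python
# RFC 4515 section 3: characters that must be escaped inside an assertion value.
_LDAP_ESCAPES = {
    "\\": "\\5c",
    "*": "\\2a",
    "(": "\\28",
    ")": "\\29",
    "\x00": "\\00",
}


def escape_filter_value(value: str) -> str:
    """Escape a user-supplied value for use inside an LDAP search filter.
    Each character is mapped independently, so the backslash introduced by an
    escape is never itself re-escaped."""
    return "".join(_LDAP_ESCAPES.get(ch, ch) for ch in value)


def login_filter_unsafe(username: str) -> str:
    """Vulnerable pattern (assumed base filter): the username is interpolated
    raw, so '*' becomes a wildcard and ')(' opens a new assertion."""
    return f"(&(objectClass=person)(uid={username}))"


def login_filter_safe(username: str) -> str:
    """Hardened pattern: the value is escaped, so every byte of the username
    is matched literally and the filter structure cannot change."""
    return f"(&(objectClass=person)(uid={escape_filter_value(username)}))"


# Constructed probe: appends an extra assertion to test whether 'admin' carries
# a given attribute. Against the unsafe filter the server's answer (user found
# or not) leaks that fact; against the safe filter it is just a literal uid.
ATTRIBUTE_PROBE = "admin)(memberOf=cn=admins,dc=example,dc=com"
```

With the unsafe builder, a username of `*` matches every person entry and `a*` matches every uid starting with "a", which is exactly the prefix enumeration the advisory describes. Escaping closes the injection; whether the login path still returns distinguishable "no such user" and "wrong password" responses is a separate timing and error-message concern that escaping does not address.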
-
CVE-2026-24117
MEDIUM
CVSS 5.3
Rekor versions 1.4.3 and earlier contain a server-side request forgery (SSRF) vulnerability in the /api/v1/index/retrieve endpoint that allows unauthenticated remote attackers to probe internal networks through blind SSRF attacks by supplying arbitrary URLs for public key retrieval. While the vulnerability cannot directly exfiltrate data or modify state since responses are not returned and only GET requests are supported, it enables reconnaissance of internal infrastructure. The issue is patched in version 1.5.0, or can be mitigated by disabling the retrieve API with --enable_retrieve_api=false.
SSRF
Rekor
Redhat
Suse
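Blind SSRF of this shape (a caller-supplied URL that the server fetches for you) also appears in the Apryse HTML2PDF and ThemeGoods PhotoMe entries above, so one validator serves all three. The block below is an added example, not Rekor's code: it gates a public-key URL on an allowed scheme, an explicit host allowlist, and, for IP literals, a check that the address is not loopback, private, link-local (the 169.254.169.254 metadata range) or otherwise non-public. Hostnames are not resolved here, because that needs the network and a resolved address can change between check and use (DNS rebinding); ALLOWED_HOSTS and ALLOWED_SCHEMES are assumed deployment policy.

```python
import ipaddress
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"https"}               # assumed policy
ALLOWED_HOSTS = {"keys.example.org"}      # assumed allowlist of key servers


def _is_public_address(ip) -> bool:
    """True only for globally routable unicast addresses."""
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def fetch_target_allowed(url: str) -> tuple:
    """Return (allowed, reason) for a URL the server has been asked to fetch.
    Anything that is not an allowlisted host or a public IP literal is refused,
    including alternate IP spellings that ipaddress does not accept."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    if parts.username or parts.password:
        return False, "credentials in URL"
    host = parts.hostname
    if not host:
        return False, "missing host"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal: hostnames pass only by exact allowlist match.
        if host.lower() in ALLOWED_HOSTS:
            return True, "allowlisted host"
        return False, f"host {host!r} not allowlisted"
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so the IPv4 rules apply.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if not _is_public_address(ip):
        return False, f"{ip} is not a public address"
    return True, "public IP literal"
```

Run the check again at connect time on the address actually dialed (or pin the resolved address into the HTTP client) if hostnames outside the allowlist must ever be permitted; the string check alone does not survive rebinding. Disabling the endpoint, as the advisory's `--enable_retrieve_api=false` does, removes the fetch entirely and is the simpler fix when the feature is not needed.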
-
CVE-2026-24055
MEDIUM
CVSS 5.3
Langfuse versions 3.146.0 and below allow unauthenticated attackers to hijack Slack OAuth integrations by injecting arbitrary projectIds into the /api/public/slack/install endpoint, enabling them to bind malicious Slack workspaces to any project and intercept prompt management data. An attacker can replace existing Prompt Slack Automations or pre-register malicious integrations that execute when authenticated users unknowingly configure them. Public exploit code exists for this vulnerability, which affects the DNS and AI/ML components of the Langfuse platform.
Dns
AI / ML
Langfuse
-
CVE-2026-24039
MEDIUM
CVSS 4.3
Horilla HRMS 1.4.0 contains insufficient server-side authorization checks that permit low-privileged employees to self-approve documents they have submitted, bypassing intended administrative-only controls. Public exploit code exists for this vulnerability, enabling standard users to alter HR application state and potentially submit unvetted credentials or certifications. The integrity of HR document workflows is compromised as employees can modify approval statuses reserved for administrators.
Authentication Bypass
Horilla
-
CVE-2026-24037
MEDIUM
CVSS 4.8
Horilla HRMS version 1.4.0 contains insufficient input validation in its XSS prevention function, allowing attackers to bypass protections through context-agnostic regex patterns. Public exploit code exists for this vulnerability, enabling attackers to redirect users to malicious sites, execute arbitrary JavaScript, and steal CSRF tokens for use in admin-targeted attacks. The vulnerability affects Horilla 1.4.0 and has been patched in version 1.5.0.
XSS
CSRF
Horilla
-
CVE-2026-24036
MEDIUM
CVSS 5.3
Horilla HRMS 1.4.0 allows unauthenticated access to unpublished job postings through the /recruitment/recruitment-details/ endpoint, exposing draft job titles, descriptions, and application workflows. An attacker can leverage public exploit code to view sensitive internal hiring information and access recruitment processes for unpublished positions. The vulnerability is reachable by anyone with network access to an affected instance and has been patched in version 1.5.0.
Authentication Bypass
Horilla
-
CVE-2026-24035
MEDIUM
CVSS 4.3
Horilla is a free and open source Human Resource Management System (HRMS). [CVSS 4.3 MEDIUM]
File Upload
Authentication Bypass
Horilla
-
CVE-2026-24034
MEDIUM
CVSS 5.4
Horilla versions up to 1.5.0 are affected by unrestricted upload of file with dangerous type (CVSS 5.4).
XSS
Horilla
-
CVE-2026-23992
MEDIUM
CVSS 5.9
Signature threshold validation bypass in go-tuf versions 2.0.0 through 2.3.0 allows a compromised or misconfigured TUF repository to disable signature verification by setting thresholds to zero, enabling attackers to tamper with metadata files without detection. This affects systems relying on go-tuf for secure software update verification, potentially allowing unauthorized modifications to trusted metadata both at rest and in transit. A patch is available in version 2.3.1.
Golang
Go Tuf
Redhat
Suse
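What the go-tuf gap means in practice: a role whose metadata says threshold 0 is satisfied by zero signatures, so a repository that can rewrite that field can ship unsigned metadata. The block below is an added example, not go-tuf's code, of the threshold rule as the TUF specification states it: the threshold must be at least 1 and no more than the number of authorized keys, and it must be met by that many distinct authorized keys whose signatures verify over the canonical bytes. HMAC-SHA256 stands in for TUF's asymmetric signatures so the example runs on the standard library alone; the keys, role and metadata are constructed sample data.

```python
import hashlib
import hmac

# Constructed sample data (not a real repository).
KEYS = {
    "key-a": b"sample-secret-a",
    "key-b": b"sample-secret-b",
    "key-c": b"sample-secret-c",
}
ROLE = {"keyids": ["key-a", "key-b", "key-c"], "threshold": 2}
METADATA = b'{"_type":"targets","version":7,"expires":"2026-12-31T00:00:00Z"}'


def sign(key: bytes, data: bytes) -> str:
    """HMAC stand-in for a TUF signature (assumption for an offline example)."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_signed_metadata(role, signatures, canonical_bytes, keys):
    """Return the set of key IDs whose signatures count toward the threshold,
    or raise ValueError. The threshold bounds are checked before any signature
    is looked at, which is the step go-tuf 2.0.0 through 2.3.0 skipped."""
    threshold = role.get("threshold")
    keyids = role.get("keyids", [])
    if not isinstance(threshold, int) or isinstance(threshold, bool) or threshold < 1:
        raise ValueError("threshold must be an integer >= 1")
    if threshold > len(keyids):
        raise ValueError("threshold exceeds the number of authorized keys")
    valid = set()
    for entry in signatures:
        kid = entry["keyid"]
        if kid not in keyids or kid not in keys:
            continue  # unauthorized or unknown key: ignored, never counted
        expected = sign(keys[kid], canonical_bytes)
        if hmac.compare_digest(expected, entry["sig"]):
            valid.add(kid)  # a set, so repeated signatures by one key count once
    if len(valid) < threshold:
        raise ValueError(f"{len(valid)} valid signature(s), threshold is {threshold}")
    return valid


def signatures_from(keyids, data=METADATA):
    """Build a signature list with the sample keys (constructed helper)."""
    return [{"keyid": k, "sig": sign(KEYS[k], data)} for k in keyids]
```

The same rule has to hold for every role, including root, and for metadata loaded from local cache as well as from the network; a client that trusts a cached root with threshold 0 is as exposed as one that fetched it.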
-
CVE-2026-23991
MEDIUM
CVSS 5.9
go-tuf is a Go implementation of The Update Framework (TUF). [CVSS 5.9 MEDIUM]
Golang
Denial Of Service
Go Tuf
Redhat
Suse
-
CVE-2026-23964
MEDIUM
CVSS 6.5
Mastodon is a free, open-source social network server based on ActivityPub. [CVSS 6.5 MEDIUM]
Authentication Bypass
Mastodon
-
CVE-2026-23963
MEDIUM
CVSS 4.3
Mastodon prior to versions 4.5.5, 4.4.12, and 4.3.18 lacks input validation on list and filter names, allowing authenticated users to create arbitrarily long strings that consume excessive server resources and storage. An authenticated attacker can exploit this to degrade system performance or render their own web interface unusable. The fix is in the versions listed above.
Denial Of Service
Mastodon
-
CVE-2026-23961
MEDIUM
CVSS 5.3
Suspended remote users in Mastodon can bypass suspension restrictions and have their posts appear in timelines through boosting and post processing logic errors. This affects all Mastodon versions for older posts, with additional bypass capabilities in versions 4.5.0-4.5.4, 4.4.5-4.4.11, 4.3.13-4.3.17, and 4.2.26-4.2.29, allowing suspended users to inject new content into the system. No patch is currently available for this integrity issue.
Authentication Bypass
Mastodon
-
CVE-2026-23959
MEDIUM
CVSS 4.9
Improper input sanitization in CoreShop's CustomerTransformerController prior to version 4.1.9 allows authenticated administrators to inject SQL commands through the admin panel, enabling database error-based information disclosure. An attacker with high-privilege access can exploit this to extract sensitive data from the underlying database without modifying or deleting records. A patch is available in version 4.1.9 and later.
SQLi
Coreshop
-
CVE-2026-23952
MEDIUM
CVSS 6.5
ImageMagick and Magick.NET versions 14.10.1 and below are vulnerable to denial of service attacks through a null pointer dereference in the MSL parser when processing malformed comment tags, exploitable by authenticated attackers without user interaction. Public exploit code exists for this vulnerability, and affected systems may crash or experience assertion failures depending on build configuration. No patch is currently available to address this medium-severity issue.
Null Pointer Dereference
Denial Of Service
Magick.Net
Imagemagick
Redhat
-
CVE-2026-23951
MEDIUM
CVSS 5.5
SumatraPDF on Windows is vulnerable to a denial-of-service attack through a maliciously crafted Mobi file that triggers an integer underflow in record validation, causing an out-of-bounds heap read and application crash. The vulnerability stems from an off-by-one error in the PalmDbReader::GetRecord function that only occurs with exactly 2 records, and public exploit code is available. No patch has been released at this time.
Windows
Integer Overflow
Denial Of Service
Sumatrapdf
-
CVE-2026-23946
MEDIUM
CVSS 6.8
Remote code execution in Tendenci CMS versions 15.3.11 and below allows authenticated staff users to execute arbitrary code through unsafe pickle deserialization in the Helpdesk module's reporting function. The vulnerability stems from incomplete patching of CVE-2020-14942, where the run_report() function continues to use unsafe pickle.loads() despite the ticket_list() function being corrected. Public exploit code exists for this issue, though impact is limited to the privileges of the application's runtime user.
Python
RCE
Deserialization
Tendenci
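The Tendenci issue is the general pickle problem: pickle.loads will call any importable callable named in the stream, so a report filter that round-trips through pickle is a code-execution channel for whoever can write it. The block below is an added example, not Tendenci's code. It builds a constructed blob whose load calls os.getcwd (chosen because it is harmless; the mechanism is the same for any callable), then loads filters three ways: plain pickle.loads, an Unpickler subclass that refuses every global lookup, and JSON with a key allowlist, which is the replacement a report filter actually needs. Function and key names are assumptions.

```python
import io
import json
import os
import pickle


class _Callback:
    """Constructed stand-in for attacker-controlled data. pickle stores the
    result of __reduce__, i.e. 'call os.getcwd() when loaded'. Any importable
    callable could be named here instead."""
    def __reduce__(self):
        return (os.getcwd, ())


MALICIOUS_BLOB = pickle.dumps(_Callback())
BENIGN_BLOB = pickle.dumps({"status": "open", "priority": 3})


class NoGlobalsUnpickler(pickle.Unpickler):
    """Refuse every module-level lookup, so only literals, strings and plain
    containers can be rebuilt; a reference to os.getcwd cannot be resolved."""
    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def load_filter_unsafe(blob: bytes):
    """The vulnerable pattern: the callable in MALICIOUS_BLOB runs here."""
    return pickle.loads(blob)


def load_filter_restricted(blob: bytes):
    """Still pickle, but globals are refused; use only if the format is fixed."""
    return NoGlobalsUnpickler(io.BytesIO(blob)).load()


def load_filter_json(text: str, allowed_keys=("status", "priority")):
    """Preferred replacement: a data-only format plus an explicit schema."""
    data = json.loads(text)
    if not isinstance(data, dict) or set(data) - set(allowed_keys):
        raise ValueError("unexpected report filter keys")
    return data
```

The restricted unpickler is a stop-gap for data that already exists in pickle form; it does not make pickle a safe interchange format, and a subclass that allows even a few "safe" globals has historically been bypassed. Moving the stored filter to JSON removes the problem rather than fencing it.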
-
CVE-2026-23893
MEDIUM
CVSS 6.8
Privilege escalation in openCryptoki 2.3.2 and later allows token-group members to exploit insecure symlink handling in group-writable token directories, enabling file operations on arbitrary filesystem targets when the library runs with elevated privileges. An attacker with token-group membership can plant symlinks to redirect administrative operations, potentially leading to privilege escalation or unauthorized data access. A patch is available.
Linux
Privilege Escalation
Opencryptoki
Redhat
Suse
-
CVE-2026-23887
MEDIUM
CVSS 5.4
Stored XSS in Group-Office through unsanitized filenames allows authenticated users to inject malicious scripts that execute when other users view affected files, potentially compromising sessions or triggering unintended browser actions. The vulnerability affects versions 6.8.148 and below, and 25.0.1 through 25.0.79, with public exploit code available. Patches are available in versions 6.8.149 and 25.0.80.
XSS
Group Office
-
CVE-2026-23831
MEDIUM
CVSS 5.3
Rekor versions 1.4.3 and below are vulnerable to denial of service through a null pointer dereference when processing malformed cose/v0.0.1 entries with empty spec.message fields. An unauthenticated remote attacker can trigger a panic in the Rekor process by sending a specially crafted entry, resulting in a 500 error response and temporary service disruption, though the thread recovery mechanism limits availability impact. The vulnerability has been patched in version 1.5.0.
Denial Of Service
Rekor
Redhat
Suse
-
CVE-2026-22483
MEDIUM
CVSS 5.4
teachPress through version 9.0.12 is vulnerable to Cross-Site Request Forgery attacks that enable unauthenticated attackers to perform unauthorized actions on behalf of authenticated users. The vulnerability requires user interaction and can result in data integrity compromise or service disruption, though confidentiality is not affected. No patch is currently available for this vulnerability.
CSRF
-
CVE-2026-22469
MEDIUM
CVSS 5.3
DeepDigital versions 1.0.2 and earlier fail to properly sanitize HTML script tags, enabling stored or reflected cross-site scripting (XSS) attacks that allow code injection. An unauthenticated attacker can exploit this vulnerability over the network to inject malicious scripts that execute in users' browsers, potentially compromising session data or performing unauthorized actions. No patch is currently available for affected installations.
Code Injection
-
CVE-2026-22468
MEDIUM
CVSS 4.3
AbsolutePlugins Absolute Addons For Elementor absolute-addons is affected by missing authorization (CVSS 4.3).
Authentication Bypass
-
CVE-2026-22466
MEDIUM
CVSS 4.3
WP MapIt plugin for WordPress through version 3.0.3 contains an authorization bypass that allows authenticated users to modify content they should not have access to. An attacker with user-level privileges can exploit misconfigured access controls to perform unauthorized actions, though the impact is limited to integrity violations without affecting confidentiality or availability.
WordPress
-
CVE-2026-22463
MEDIUM
CVSS 6.5
Stored XSS in Micro.company Form to Chat App versions up to 1.2.5 enables authenticated attackers to inject malicious scripts that execute in other users' browsers, potentially compromising session data and stealing sensitive information. The vulnerability stems from insufficient input sanitization during form processing and requires user interaction to trigger. No patch is currently available for this medium-severity flaw.
XSS
-
CVE-2026-22462
MEDIUM
CVSS 4.3
richardevcom Add Polylang support for Customizer add-polylang-support-for-customizer is affected by cross-site request forgery (csrf) (CVSS 4.3).
CSRF
-
CVE-2026-22461
MEDIUM
CVSS 5.3
WebAppick CTX Feed webappick-product-feed-for-woocommerce is affected by missing authorization (CVSS 5.3).
WordPress
-
CVE-2026-22458
MEDIUM
CVSS 5.3
Mikado-Themes Wanderland version 1.5 and earlier contains an authorization bypass that allows unauthenticated remote attackers to access restricted functionality due to improperly configured access controls. The vulnerability enables information disclosure with no patch currently available.
Authentication Bypass
-
CVE-2026-22450
MEDIUM
CVSS 4.3
The Don Peppe WordPress theme version 1.3 and earlier contains inadequate access control validation that permits authenticated users to access sensitive information they should not have permission to view. An attacker with valid login credentials could exploit this misconfiguration to retrieve confidential data, though the impact is limited to information disclosure without the ability to modify or delete content.
Authentication Bypass
-
CVE-2026-22447
MEDIUM
CVSS 5.3
Select-Themes Prowess through version 1.8.1 contains an authorization bypass vulnerability that allows unauthenticated remote attackers to access sensitive information due to improperly configured access controls. An attacker can exploit this flaw to read confidential data without requiring authentication or user interaction. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-22445
MEDIUM
CVSS 5.3
The Apimo Connector plugin for WordPress versions 2.6.4 and earlier contains an authorization bypass that allows unauthenticated attackers to access sensitive information through improperly configured access controls. An attacker can exploit this vulnerability over the network without user interaction to read confidential data from the affected application. No patch is currently available for this vulnerability.
Authentication Bypass
-
CVE-2026-22430
MEDIUM
CVSS 5.4
Mikado-Themes Verdure verdure is affected by authorization bypass through user-controlled key (CVSS 5.4).
Authentication Bypass
-
CVE-2026-22426
MEDIUM
CVSS 5.4
Elated-Themes Sweet Jane sweetjane is affected by authorization bypass through user-controlled key (CVSS 5.4).
Authentication Bypass
-
CVE-2026-22411
MEDIUM
CVSS 5.4
Mikado-Themes Dolcino dolcino is affected by authorization bypass through user-controlled key (CVSS 5.4).
Authentication Bypass
-
CVE-2026-22409
MEDIUM
CVSS 5.4
Mikado-Themes Justicia justicia is affected by authorization bypass through user-controlled key (CVSS 5.4).
Authentication Bypass
-
CVE-2026-22407
MEDIUM
CVSS 5.4
Mikado-Themes Roam through version 2.1.1 contains an authorization bypass vulnerability where attackers with valid user credentials can manipulate access control mechanisms to gain unauthorized access to sensitive functionality. This authentication-required vulnerability allows authenticated users to circumvent properly configured security levels through user-controlled parameters. No patch is currently available for this issue.
Authentication Bypass
-
CVE-2026-22406
MEDIUM
CVSS 5.4
Mikado-Themes Overton overton is affected by authorization bypass through user-controlled key (CVSS 5.4).
Authentication Bypass
-
CVE-2026-22404
MEDIUM
CVSS 5.4
Mikado-Themes Innovio innovio is affected by authorization bypass through user-controlled key (CVSS 5.4).
Authentication Bypass
-
CVE-2026-22400
MEDIUM
CVSS 5.4
Mikado-Themes Holmes holmes is affected by authorization bypass through user-controlled key (CVSS 5.4).
Authentication Bypass
-
CVE-2026-22398
MEDIUM
CVSS 5.4
Mikado-Themes Fleur fleur is affected by authorization bypass through user-controlled key (CVSS 5.4).
Authentication Bypass
-
CVE-2026-22396
MEDIUM
CVSS 5.4
Mikado-Themes Fiorello fiorello is affected by authorization bypass through user-controlled key (CVSS 5.4).
Authentication Bypass
-
CVE-2026-22393
MEDIUM
CVSS 5.4
Mikado-Themes Curly curly is affected by authorization bypass through user-controlled key (CVSS 5.4).
Authentication Bypass
-
CVE-2026-22391
MEDIUM
CVSS 5.4
Mikado-Themes Cocco cocco is affected by authorization bypass through user-controlled key (CVSS 5.4).
Authentication Bypass
-
CVE-2026-22388
MEDIUM
CVSS 5.9
Stored XSS in Owl Carousel WP through version 2.2.2 allows authenticated users with high privileges to inject malicious scripts that persist in web pages and execute in visitors' browsers. An attacker with administrative access could exploit improper input sanitization to compromise site visitor sessions or steal sensitive data. A patch is not currently available.
XSS
-
CVE-2026-22382
MEDIUM
CVSS 5.4
Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends is affected by cross-site request forgery (csrf) (CVSS 5.4).
WordPress
CSRF
-
CVE-2026-22360
MEDIUM
CVSS 4.3
SearchAzon versions 1.4 and earlier are vulnerable to Cross-Site Request Forgery (CSRF) attacks that allow unauthenticated attackers to perform unauthorized actions on behalf of users. The vulnerability requires user interaction and has limited impact, restricted to integrity violations without affecting confidentiality or availability. No patch is currently available for this issue.
CSRF
-
CVE-2026-22359
MEDIUM
CVSS 4.3
AA-Team Wordpress Movies Bulk Importer movies importer is affected by cross-site request forgery (csrf) (CVSS 4.3).
WordPress
CSRF
-
CVE-2026-22358
MEDIUM
CVSS 5.4
SmartDataSoft Electrician - Electrical Service WordPress electrician is affected by server-side request forgery (ssrf) (CVSS 5.4).
WordPress
SSRF
-
CVE-2026-22353
MEDIUM
CVSS 6.5
Stored XSS in teachPress through version 9.0.12 enables authenticated attackers to inject malicious scripts that execute in other users' browsers, potentially compromising session data and performing unauthorized actions within the application. The vulnerability requires user interaction to trigger and can affect multiple users across the application scope. No security patch is currently available for affected installations.
XSS
-
CVE-2026-22349
MEDIUM
CVSS 5.4
The Menu In Post plugin for WordPress through version 1.4.1 contains a DOM-based cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts into web pages viewed by other users. An attacker with user-level access can exploit this to steal session tokens, deface content, or perform actions on behalf of victims. No patch is currently available for this vulnerability.
WordPress
XSS
-
CVE-2026-22348
MEDIUM
CVSS 5.3
Tasos Fel Civic Cookie Control civic-cookie-control-8 is affected by missing authorization (CVSS 5.3).
Authentication Bypass
-
CVE-2026-22347
MEDIUM
CVSS 6.5
subhansanjaya Carousel Horizontal Posts Content Slider carousel-horizontal-posts-content-slider is affected by cross-site scripting (xss) (CVSS 6.5).
XSS
-
CVE-2026-22280
MEDIUM
CVSS 5.0
PowerScale OneFS versions up to 9.5.1.5 are affected by incorrect permission assignment for a critical resource (CVSS 5.0).
Denial Of Service
Powerscale Onefs
-
CVE-2026-22279
MEDIUM
CVSS 4.3
Dell PowerScale OneFS versions before 9.13.0.0 fail to adequately log security events, allowing unauthenticated remote attackers to tamper with information without leaving a detectable audit trail. The insufficient logging mechanism prevents administrators from identifying unauthorized modifications to system data. No patch is currently available for this medium-severity vulnerability.
Information Disclosure
Dell
Powerscale Onefs
-
CVE-2026-20904
MEDIUM
CVSS 6.5
Gitea's OpenID URI visibility controls lack proper ownership validation, allowing authenticated users to modify the visibility settings of other users' OpenID identities. This integrity bypass affects any Gitea instance where multiple users manage OpenID configurations, enabling account enumeration or information disclosure through unauthorized visibility changes. A patch is available to remediate this medium-severity vulnerability.
Authentication Bypass
Gitea
Redhat
Suse
-
CVE-2026-20888
MEDIUM
CVSS 4.3
Gitea fails to enforce proper authorization checks when users attempt to cancel scheduled auto-merges through the web interface, allowing any user with pull request read access to cancel merge operations initiated by other users. This authorization bypass could disrupt automated workflows and merge processes across repositories. A patch is available to address this vulnerability.
Authentication Bypass
Gitea
Redhat
Suse
-
CVE-2026-20883
MEDIUM
CVSS 6.5
Gitea's stopwatch API fails to re-validate repository access permissions, allowing revoked users to access sensitive information through active stopwatch sessions. An authenticated attacker with prior access to a private repository can enumerate issue titles and repository names even after their permissions have been removed. A patch is available to enforce proper access control validation.
Authentication Bypass
Gitea
Redhat
Suse
-
CVE-2026-20800
MEDIUM
CVSS 6.5
Gitea's notification API fails to re-validate repository access permissions when retrieving notification details, allowing users with revoked access to private repositories to continue viewing issue and pull request titles through cached notifications. An authenticated attacker can exploit this to maintain visibility into sensitive repository content after their access has been removed. A patch is available.
Information Disclosure
Gitea
Suse
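The stopwatch and notification entries above share one root cause: a record created while the user had access (a running stopwatch, a notification row carrying an issue title) is later served back by looking up the record alone, without asking whether the user can still see the repository it points to. The block below is an added Python model of that pattern and of the fix, re-validating access at read time; it is not Gitea's code, and the repository and notification model is constructed for the illustration. The same read-time re-check applies to the stopwatch case and to the release-email case (CVE-2026-0798 further down this list).

```python
from dataclasses import dataclass, field


@dataclass
class Repo:
    name: str
    private: bool
    collaborators: set[str] = field(default_factory=set)


@dataclass
class Notification:
    user: str
    repo: str          # reference stored when the notification was created
    issue_title: str   # denormalised copy of data that is sensitive for private repos


class Service:
    """Constructed stand-in for a forge's repo/notification storage (not Gitea's)."""

    def __init__(self) -> None:
        self.repos: dict[str, Repo] = {}
        self.notifications: list[Notification] = []

    def can_read(self, user: str, repo_name: str) -> bool:
        """Authoritative check against the repository's current state."""
        repo = self.repos.get(repo_name)
        if repo is None:
            return False
        return (not repo.private) or user in repo.collaborators

    def notify(self, user: str, repo_name: str, issue_title: str) -> None:
        # Access is checked once, at creation time, and the title is copied in.
        if self.can_read(user, repo_name):
            self.notifications.append(Notification(user, repo_name, issue_title))

    def revoke(self, user: str, repo_name: str) -> None:
        self.repos[repo_name].collaborators.discard(user)
        # Nothing here touches notifications that already reference the repo.

    def list_notifications_vulnerable(self, user: str) -> list[str]:
        """Serves stored rows as-is: a user removed from a private repo still
        sees the issue titles their old notifications carry."""
        return [n.issue_title for n in self.notifications if n.user == user]

    def list_notifications_fixed(self, user: str) -> list[str]:
        """Re-validates access for every row at read time, so rows pointing at
        repositories the user can no longer read are filtered out."""
        return [
            n.issue_title
            for n in self.notifications
            if n.user == user and self.can_read(user, n.repo)
        ]


def scenario() -> tuple[list[str], list[str]]:
    """Collaborator gets notified, then loses access; compare both read paths."""
    svc = Service()
    svc.repos["acme/secrets"] = Repo("acme/secrets", private=True,
                                     collaborators={"mallory", "alice"})
    svc.repos["acme/public"] = Repo("acme/public", private=False)
    svc.notify("mallory", "acme/secrets", "Rotate prod DB password")
    svc.notify("mallory", "acme/public", "Typo in README")
    svc.revoke("mallory", "acme/secrets")
    return (svc.list_notifications_vulnerable("mallory"),
            svc.list_notifications_fixed("mallory"))


if __name__ == "__main__":
    leaked, filtered = scenario()
    print("vulnerable read:", leaked)
    print("re-validated read:", filtered)
```

The fix is deliberately placed on the read path rather than in `revoke`: deleting dependent rows on every permission change is easy to miss (team removal, repo made private, user deleted), while a read-time check holds regardless of how access was lost.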
-
CVE-2026-1332
MEDIUM
CVSS 5.3
Meetinghub Paperless Meetings is affected by missing authentication for critical function (CVSS 5.3).
Authentication Bypass
Meetinghub Paperless Meetings
-
CVE-2026-1327
MEDIUM
CVSS 6.3
TOTOLINK NR1800X firmware versions up to 9.1.0u.6279_B20210910 contain a command injection vulnerability in the setTracerouteCfg function that allows authenticated remote attackers to execute arbitrary commands via malicious POST requests. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can leverage this to achieve remote code execution on affected network devices.
Command Injection
Nr1800x Firmware
-
CVE-2026-1326
MEDIUM
CVSS 6.3
Command injection in TOTOLINK NR1800X firmware allows authenticated remote attackers to execute arbitrary commands through the Hostname parameter in the setWanCfg POST handler. Public exploit code exists for this vulnerability, creating elevated risk despite no patch availability. Affected devices can be compromised to gain full system control with network access and valid credentials.
Command Injection
Nr1800x Firmware
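Both NR1800X entries describe the same defect class: a value from a POST body (a traceroute target, a WAN hostname) is concatenated into a shell command. The block below is an added Python illustration of that pattern next to its fix; it is not the firmware's code, which the page does not show, and it substitutes `echo` for the network utility so it runs offline. The hostname allow-list in `is_valid_target` is an assumed policy, not TOTOLINK's.

```python
import ipaddress
import re
import subprocess

# Constructed attacker input: a hostname with a shell command appended.
INJECTED_HOST = "example.com; echo INJECTED"

# Stand-in for traceroute/ping so the block runs anywhere.
TOOL = "echo"


def trace_vulnerable(host: str) -> str:
    """Vulnerable pattern: the parameter is spliced into a shell command string.

    With shell=True the string is parsed by /bin/sh, so ';', '|', '`' and '$()'
    in the parameter are honoured and the attacker's trailing command runs.
    """
    cmd = f"{TOOL} tracing {host}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOSTNAME_RE = re.compile(rf"^(?=.{{1,253}}$){_LABEL}(?:\.{_LABEL})*\.?$")


def is_valid_target(host: str) -> bool:
    """Allow-list check (assumed policy): an IP literal or an RFC 1123 hostname.

    Whitespace, shell metacharacters and a leading '-' (which a tool would read
    as an option) all fail this check before the value reaches a command line.
    """
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        pass
    return _HOSTNAME_RE.fullmatch(host) is not None


def trace_hardened(host: str) -> str:
    """Fixed pattern: validate, then pass an argv list with no shell.

    Even if validation were bypassed, argv passing hands the value to the tool
    as one argument; no shell ever parses it.
    """
    if not is_valid_target(host):
        raise ValueError(f"rejected target: {host!r}")
    return subprocess.run([TOOL, "tracing", host], capture_output=True, text=True).stdout


if __name__ == "__main__":
    # Second output line shows the injected command ran on the vulnerable path.
    print(trace_vulnerable(INJECTED_HOST), end="")
    try:
        trace_hardened(INJECTED_HOST)
    except ValueError as exc:
        print(exc)
    print(trace_hardened("198.51.100.7"), end="")
```

The two measures are independent: argv passing alone stops the shell from interpreting the value, and the allow-list alone stops inputs such as `-n` from being consumed as an option by the tool. Firmware written in C gets the same effect by replacing `system()` with `execv()` over a validated argument.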
-
CVE-2026-1325
MEDIUM
CVSS 5.3
Operation And Maintenance Security Management System versions up to 3.0.12 are affected by a weak password recovery mechanism for forgotten passwords (CVSS 5.3).
Information Disclosure
Operation And Maintenance Security Management System
-
CVE-2026-1102
MEDIUM
CVSS 5.3
GitLab versions up to 18.6.4 are affected by allocation of resources without limits or throttling (CVSS 5.3).
Gitlab
Ssh
Denial Of Service
-
CVE-2026-1036
MEDIUM
CVSS 5.3
The Photo Gallery by 10Web plugin for WordPress versions up to 1.8.36 lacks proper authentication checks on its comment deletion function, allowing unauthenticated attackers to delete arbitrary image comments from the Pro version. This integrity vulnerability (CVSS 5.3) requires no user interaction and can be exploited remotely; no patch is currently available. The impact is limited to comment data manipulation, but affects all unpatched installations of the plugin.
WordPress
-
CVE-2025-71176
MEDIUM
CVSS 6.8
pytest versions up to 9.0.2 contain a vulnerability that allows attackers to cause a denial of service or possibly gain privileges (CVSS 6.8).
Denial Of Service
Redhat
Suse
-
CVE-2025-70899
MEDIUM
CVSS 6.5
Online Course Registration versions up to 3.1 are affected by cross-site request forgery (CSRF) (CVSS 6.5).
CSRF
Online Course Registration
-
CVE-2025-69820
MEDIUM
CVSS 6.0
Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function. [CVSS 6.0 MEDIUM]
Path Traversal
Beta9
Suse
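The entry names a path-joining helper, joinCleanPath, as the sink. The block below is an added Python example of why lexically cleaning a path is not a containment check, and what a containment check looks like; it is not Beam's code and makes no claim about how joinCleanPath itself is written. The directory tree, the symlink that escapes the base directory and the sample inputs are all constructed inside the block.

```python
import os
import tempfile


class TraversalError(ValueError):
    pass


def join_clean_path_vulnerable(base: str, user_path: str) -> str:
    """Cleans the path lexically but never checks that it stays inside base.

    os.path.join drops base entirely when user_path is absolute, and
    os.path.normpath keeps leading ".." components after collapsing.
    """
    return os.path.normpath(os.path.join(base, user_path))


def lexically_inside(base: str, path: str) -> bool:
    """String-level prefix check on the cleaned path; blind to symlinks."""
    base = os.path.normpath(base)
    return os.path.commonpath([base, path]) == base


def safe_join(base: str, user_path: str) -> str:
    """Resolve on the filesystem and require the result to be base or a descendant."""
    if "\0" in user_path:
        raise TraversalError("NUL byte in path")
    if os.path.isabs(user_path):
        raise TraversalError("absolute path not allowed")
    base_real = os.path.realpath(base)
    cand_real = os.path.realpath(os.path.join(base_real, user_path))
    # commonpath is component-wise: "/srv/files" is not a prefix of "/srv/files2".
    if os.path.commonpath([base_real, cand_real]) != base_real:
        raise TraversalError(f"{user_path!r} escapes {base!r}")
    return cand_real


# Constructed inputs an attacker might send as a file parameter.
CASES = [
    "reports/q1.csv",               # benign
    "../../etc/passwd",             # classic dot-dot traversal
    "/etc/passwd",                  # absolute path: os.path.join discards base
    "reports/../../../etc/passwd",  # traversal hidden behind a benign prefix
    "escape/secret.txt",            # through a symlink that points outside base
    "reports/q1.csv\0.png",         # NUL byte: a C-level open() would truncate
]


def demo() -> dict[str, tuple[str, str]]:
    """Builds a throwaway tree whose 'escape' entry is a symlink out of base,
    then records (where the vulnerable join lands, what safe_join does)."""
    root = tempfile.mkdtemp()
    base = os.path.join(root, "files")
    os.makedirs(os.path.join(base, "reports"))
    outside = os.path.join(root, "outside")
    os.makedirs(outside)
    os.symlink(outside, os.path.join(base, "escape"))

    results = {}
    for case in CASES:
        vuln = join_clean_path_vulnerable(base, case)
        lexical = "inside" if lexically_inside(base, vuln) else "escapes"
        try:
            safe_join(base, case)
            hardened = "allowed"
        except TraversalError:
            hardened = "rejected"
        results[case] = (lexical, hardened)
    return results


if __name__ == "__main__":
    for case, (lexical, hardened) in demo().items():
        print(f"{case!r:32} vulnerable join: {lexical:8} safe_join: {hardened}")
```

The symlink case is the one a lexical check misses: the cleaned string sits under the base directory, but the resolved path does not. Resolving with realpath on both sides and comparing with commonpath catches it, as well as the dot-dot and absolute-path cases.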
-
CVE-2025-69612
MEDIUM
CVSS 6.5
A path traversal vulnerability exists in TMS Management Console (version 6.3.7.27386.20250818) from TMS Global Software. [CVSS 6.5 MEDIUM]
Path Traversal
Tms Management Console
-
CVE-2025-69317
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scriptsbundle CarSpot carspot allows Reflected XSS. This issue affects CarSpot: from n/a through < 2.4.6. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-69316
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 TableOn posts-table-filterable allows Reflected XSS. This issue affects TableOn: from n/a through <= 1.0.4.2. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-69315
MEDIUM
CVSS 6.5
NSquared Simply Schedule Appointments simply-schedule-appointments is affected by missing authorization (CVSS 6.5).
Authentication Bypass
-
CVE-2025-69300
MEDIUM
CVSS 5.4
Leap13 Premium Addons for Elementor premium-addons-for-elementor is affected by missing authorization (CVSS 5.4).
Authentication Bypass
-
CVE-2025-69098
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWave Hide My WP hide_my_wp allows Reflected XSS. This issue affects Hide My WP: from n/a through <= 6.2.12. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-69095
MEDIUM
CVSS 6.5
designthemes Reservation Plugin dt-reservation-plugin is affected by missing authorization (CVSS 6.5).
Authentication Bypass
-
CVE-2025-69055
MEDIUM
CVSS 6.5
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SeaTheme BM Content Builder allows Path Traversal. This issue affects BM Content Builder: from n/a before 3.16.3.3. [CVSS 6.5 MEDIUM]
Path Traversal
-
CVE-2025-69001
MEDIUM
CVSS 5.3
Improper Control of Generation of Code ('Code Injection') vulnerability in Shahjahan Jewel FluentForm fluentform allows Code Injection. This issue affects FluentForm: from n/a through <= 6.1.11. [CVSS 5.3 MEDIUM]
Code Injection
-
CVE-2025-68911
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in solacewp Solace solace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Solace: from n/a through <= 2.1.16. [CVSS 6.5 MEDIUM]
Authentication Bypass
-
CVE-2025-68900
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kriesi Enfold enfold allows DOM-Based XSS. This issue affects Enfold: from n/a through <= 7.1.3. [CVSS 6.5 MEDIUM]
XSS
-
CVE-2025-68898
MEDIUM
CVSS 5.8
cjjparadoxmax Synergy Project Manager synergy-project-manager is affected by cross-site scripting (xss) (CVSS 5.8).
XSS
-
CVE-2025-68896
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in vrpr WDV One Page Docs wdv-one-page-docs allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WDV One Page Docs: from n/a through <= 1.2.4. [CVSS 6.5 MEDIUM]
Authentication Bypass
-
CVE-2025-68609
MEDIUM
CVSS 6.6
A vulnerability in Palantir's Aries service allowed unauthenticated access to log viewing and management functionality on Apollo instances using default configuration. [CVSS 6.6 MEDIUM]
Authentication Bypass
-
CVE-2025-68558
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in averta Depicter Slider depicter allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Depicter Slider: from n/a through <= 4.0.4. [CVSS 6.5 MEDIUM]
Authentication Bypass
-
CVE-2025-68507
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in Icegram Icegram icegram allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Icegram: from n/a through <= 3.1.35. [CVSS 6.5 MEDIUM]
Authentication Bypass
-
CVE-2025-68073
MEDIUM
CVSS 6.5
Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance is affected by missing authorization (CVSS 6.5).
Authentication Bypass
-
CVE-2025-68072
MEDIUM
CVSS 6.5
Merv Barrett Easy Property Listings easy-property-listings is affected by missing authorization (CVSS 6.5).
Authentication Bypass
-
CVE-2025-68046
MEDIUM
CVSS 6.5
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Retrieve Embedded Sensitive Data. This issue affects Contact Form & Lead Form Elementor Builder: from n/a through <= 2.0.1. [CVSS 6.5 MEDIUM]
Information Disclosure
-
CVE-2025-68039
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in Chris Simmons WP BackItUp wp-backitup allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP BackItUp: from n/a through <= 2.0.0. [CVSS 6.5 MEDIUM]
Authentication Bypass
-
CVE-2025-68020
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in WANotifier WANotifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WANotifier: from n/a through <= 2.7.12. [CVSS 6.5 MEDIUM]
Authentication Bypass
-
CVE-2025-68019
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in cleverplugins SEO Booster seo-booster allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SEO Booster: from n/a through <= 6.1.8. [CVSS 6.5 MEDIUM]
Authentication Bypass
-
CVE-2025-68016
MEDIUM
CVSS 6.5
Onepay Sri Lanka onepay Payment Gateway For WooCommerce onepay-payment-gateway-for-woocommerce is affected by missing authorization (CVSS 6.5).
WordPress
PHP
-
CVE-2025-68013
MEDIUM
CVSS 6.5
cardpaysolutions Payment Gateway Authorize.Net CIM for WooCommerce authnet-cim-for-woo is affected by missing authorization (CVSS 6.5).
WordPress
Dotnet
PHP
-
CVE-2025-68009
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in Codeless Slider Templates slider-templates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Slider Templates: from n/a through <= 1.0.3. [CVSS 6.5 MEDIUM]
Authentication Bypass
-
CVE-2025-68007
MEDIUM
CVSS 6.5
Event Espresso Event Espresso 4 Decaf event-espresso-decaf is affected by missing authorization (CVSS 6.5).
Authentication Bypass
-
CVE-2025-68006
MEDIUM
CVSS 6.5
Insertion of Sensitive Information Into Sent Data vulnerability in Deetronix Booking Ultra Pro booking-ultra-pro allows Retrieve Embedded Sensitive Data. This issue affects Booking Ultra Pro: from n/a through <= 1.1.23. [CVSS 6.5 MEDIUM]
Information Disclosure
-
CVE-2025-68003
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in renatoatshown Shown Connector shown-connector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shown Connector: from n/a through <= 1.2.10. [CVSS 6.5 MEDIUM]
Authentication Bypass
-
CVE-2025-67961
MEDIUM
CVSS 6.4
Server-Side Request Forgery (SSRF) vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery. This issue affects WPO365: from n/a through <= 40.0. [CVSS 6.4 MEDIUM]
SSRF
-
CVE-2025-67958
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in Taxcloud TaxCloud for WooCommerce simple-sales-tax allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TaxCloud for WooCommerce: from n/a through <= 8.3.8. [CVSS 6.5 MEDIUM]
WordPress
PHP
-
CVE-2025-67954
MEDIUM
CVSS 6.5
Dimitri Grassi Salon booking system salon-booking-system contains a security vulnerability (CVSS 6.5).
Information Disclosure
-
CVE-2025-67942
MEDIUM
CVSS 6.5
peachpayments Peach Payments Gateway wc-peach-payments-gateway is affected by missing authorization (CVSS 6.5).
Authentication Bypass
-
CVE-2025-67939
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tickera: from n/a through <= 3.5.6.2. [CVSS 6.5 MEDIUM]
Authentication Bypass
-
CVE-2025-67683
MEDIUM
CVSS 6.1
Quick.Cart is vulnerable to reflected XSS via the sSort parameter. An attacker can craft a malicious URL which, when opened, results in arbitrary JavaScript execution in the victim’s browser. [CVSS 6.1 MEDIUM]
XSS
Quick.Cart
-
CVE-2025-67652
MEDIUM
CVSS 6.1
An attacker with access to the project file could use the exposed credentials to impersonate users, escalate privileges, or gain unauthorized access to systems and services. [CVSS 6.1 MEDIUM]
Authentication Bypass
-
CVE-2025-67626
MEDIUM
CVSS 4.3
Cross-Site Request Forgery (CSRF) vulnerability in Angel Costa WP SEO Search wp-seo-search allows Cross Site Request Forgery. This issue affects WP SEO Search: from n/a through <= 1.1. [CVSS 4.3 MEDIUM]
WordPress
CSRF
PHP
-
CVE-2025-66143
MEDIUM
CVSS 5.4
Missing Authorization vulnerability in merkulove Crumber crumber-elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crumber: from n/a through <= 1.0.10. [CVSS 5.4 MEDIUM]
Authentication Bypass
-
CVE-2025-66142
MEDIUM
CVSS 5.4
merkulove Comparimager for Elementor comparimager-elementor is affected by missing authorization (CVSS 5.4).
Authentication Bypass
-
CVE-2025-66141
MEDIUM
CVSS 5.4
Missing Authorization vulnerability in merkulove Scroller scroller allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Scroller: from n/a through <= 2.0.2. [CVSS 5.4 MEDIUM]
Authentication Bypass
-
CVE-2025-66140
MEDIUM
CVSS 5.4
Missing Authorization vulnerability in merkulove Uper for Elementor uper-elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Uper for Elementor: from n/a through <= 1.0.5. [CVSS 5.4 MEDIUM]
Authentication Bypass
-
CVE-2025-66139
MEDIUM
CVSS 5.4
Missing Authorization vulnerability in merkulove Audier For Elementor audier-elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Audier For Elementor: from n/a through <= 1.0.9. [CVSS 5.4 MEDIUM]
Authentication Bypass
-
CVE-2025-64252
MEDIUM
CVSS 4.9
Marco Milesi ANAC XML Viewer anac-xml-viewer is affected by server-side request forgery (ssrf) (CVSS 4.9).
SSRF
-
CVE-2025-63051
MEDIUM
CVSS 4.3
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in sizam REHub Framework rehub-framework allows Retrieve Embedded Sensitive Data. This issue affects REHub Framework: from n/a through < 19.9.9.4. [CVSS 4.3 MEDIUM]
Information Disclosure
-
CVE-2025-63026
MEDIUM
CVSS 5.4
ThemeGoods Grand Restaurant Theme Elements for Elementor grandrestaurant-elementor is affected by cross-site scripting (xss) (CVSS 5.4).
XSS
-
CVE-2025-62077
MEDIUM
CVSS 5.9
SEOSEON EUROPE S.L Affiliate Link Tracker affiliate-link-tracker is affected by cross-site scripting (xss) (CVSS 5.9).
XSS
-
CVE-2025-53240
MEDIUM
CVSS 6.1
adamlabs WordPress Photo Gallery photo-gallery-portfolio is affected by cross-site scripting (xss) (CVSS 6.1).
WordPress
XSS
PHP
-
CVE-2025-52762
MEDIUM
CVSS 6.1
flexostudio flexo-posts-manager flexo-posts-manager is affected by cross-site scripting (xss) (CVSS 6.1).
XSS
-
CVE-2025-52746
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ayecode Restaurante restaurante allows Reflected XSS. This issue affects Restaurante: from n/a through <= 3.0.7. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-50006
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jthemes xSmart xsmart allows Reflected XSS. This issue affects xSmart: from n/a through <= 1.2.9.4. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-50005
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Composer td-composer allows DOM-Based XSS. This issue affects tagDiv Composer: from n/a through <= 5.4.2. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-49336
MEDIUM
CVSS 5.4
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pondol Pondol BBS pondol-bbs allows Stored XSS. This issue affects Pondol BBS: from n/a through <= 1.1.8.4. [CVSS 5.4 MEDIUM]
XSS
-
CVE-2025-49249
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ApusTheme Drone drone allows Reflected XSS. This issue affects Drone: from n/a through <= 1.40. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-49066
MEDIUM
CVSS 6.1
LambertGroup Accordion Slider PRO accordion_slider_pro is affected by cross-site scripting (xss) (CVSS 6.1).
XSS
-
CVE-2025-49046
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup xPromoter top_bar_promoter allows Reflected XSS. This issue affects xPromoter: from n/a through <= 1.3.4. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-49045
MEDIUM
CVSS 6.1
highwarden Super Interactive Maps super-interactive-maps is affected by cross-site scripting (xss) (CVSS 6.1).
XSS
-
CVE-2025-49043
MEDIUM
CVSS 6.1
LambertGroup Magic Responsive Slider and Carousel WordPress magic_carousel is affected by cross-site scripting (xss) (CVSS 6.1).
WordPress
XSS
PHP
-
CVE-2025-48094
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Magic Slider magic_slider allows Reflected XSS. This issue affects Magic Slider: from n/a through <= 2.2. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-47666
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Image&Video FullScreen Background lbg_fullscreen_fullwidth_slider allows Reflected XSS. This issue affects Image&Video FullScreen Background: from n/a through <= 1.6.7. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-47600
MEDIUM
CVSS 6.1
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in xtemos WoodMart woodmart allows Code Injection. This issue affects WoodMart: from n/a through <= 8.3.7. [CVSS 6.1 MEDIUM]
Code Injection
XSS
-
CVE-2025-47500
MEDIUM
CVSS 5.4
Benjamin Intal Stackable stackable-ultimate-gutenberg-blocks is affected by cross-site scripting (xss) (CVSS 5.4).
XSS
-
CVE-2025-32123
MEDIUM
CVSS 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS. This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through <= 5.3.5. [CVSS 6.1 MEDIUM]
XSS
-
CVE-2025-32057
MEDIUM
CVSS 6.5
The Infotainment ECU manufactured by Bosch and installed in the Nissan Leaf ZE1 (2020) uses a Redbend service for over-the-air provisioning and updates. HTTPS is used for communication with the back-end server. [CVSS 6.5 MEDIUM]
Tls
-
CVE-2025-32056
MEDIUM
CVSS 4.0
The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allows the protection to be bypassed. [CVSS 4.0 MEDIUM]
Authentication Bypass
-
CVE-2025-27379
MEDIUM
CVSS 6.8
A stored cross-site scripting (XSS) vulnerability in the BOM Viewer in Altium AES 7.0.3 allows an authenticated attacker to inject arbitrary JavaScript into the Description field of a schematic, which is executed when the BOM Viewer renders the affected content. [CVSS 6.8 MEDIUM]
XSS
On Prem Enterprise Server
-
CVE-2025-27377
MEDIUM
CVSS 5.3
Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. [CVSS 5.3 MEDIUM]
Authentication Bypass
Designer
-
CVE-2025-27005
MEDIUM
CVSS 6.1
LambertGroup HTML5 Video Player lbg-vp2-html5-bottom is affected by cross-site scripting (xss) (CVSS 6.1).
XSS
-
CVE-2025-25051
MEDIUM
CVSS 6.1
An attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially gain access to network resources for lateral attacks. [CVSS 6.1 MEDIUM]
Information Disclosure
-
CVE-2025-22234
MEDIUM
CVSS 5.3
The fix applied for CVE-2025-22228 inadvertently broke the timing attack mitigation implemented in DaoAuthenticationProvider. This can allow attackers to infer valid usernames or other authentication behavior via response-time differences under certain configurations. [CVSS 5.3 MEDIUM]
Information Disclosure
Redhat
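The mitigation this entry refers to works by running the password encoder against a pre-computed dummy hash whenever no user is found, so the "unknown user" path costs as much as the "wrong password" path and response time no longer separates the two. The block below is an added Python model of that idea; it is not Spring Security's code and does not reproduce the specific regression. It counts hash computations per code path, which is deterministic, and also times the calls for the reader; PBKDF2 from the standard library stands in for the password encoder.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 50_000  # deliberately slow, as a real password hash would be
SALT_LEN = 16


def derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class UserStore:
    """Constructed in-memory user table with salted PBKDF2 hashes."""

    def __init__(self, users: dict[str, str]) -> None:
        self.records: dict[str, tuple[bytes, bytes]] = {}
        for name, pw in users.items():
            salt = os.urandom(SALT_LEN)
            self.records[name] = (salt, derive(pw, salt))
        # Dummy credential with a random password: a check against it always
        # fails but costs exactly one hash computation.
        self.dummy_salt = os.urandom(SALT_LEN)
        self.dummy_hash = derive(os.urandom(32).hex(), self.dummy_salt)
        self.hash_calls = 0

    def _check(self, password: str, salt: bytes, expected: bytes) -> bool:
        self.hash_calls += 1
        return hmac.compare_digest(derive(password, salt), expected)

    def authenticate_leaky(self, username: str, password: str) -> bool:
        """Returns early for unknown users: zero hash computations, so the
        response is measurably faster than for a known user with a bad password."""
        rec = self.records.get(username)
        if rec is None:
            return False
        return self._check(password, *rec)

    def authenticate_constant_work(self, username: str, password: str) -> bool:
        """Always performs one hash computation. For an unknown user the check
        runs against the dummy credential and its result is discarded, so both
        outcomes take the same time."""
        rec = self.records.get(username)
        if rec is None:
            self._check(password, self.dummy_salt, self.dummy_hash)
            return False
        return self._check(password, *rec)


def hash_calls_for(store: UserStore, method: str, username: str, password: str) -> int:
    """Number of hash computations a single login attempt triggers."""
    before = store.hash_calls
    getattr(store, method)(username, password)
    return store.hash_calls - before


def time_login(store: UserStore, method: str, username: str, password: str) -> float:
    start = time.perf_counter()
    getattr(store, method)(username, password)
    return time.perf_counter() - start


if __name__ == "__main__":
    store = UserStore({"alice": "correct horse battery staple"})
    for method in ("authenticate_leaky", "authenticate_constant_work"):
        known = time_login(store, method, "alice", "wrong")
        unknown = time_login(store, method, "nobody", "wrong")
        print(f"{method:28s} known={known * 1e3:7.2f} ms  unknown={unknown * 1e3:7.2f} ms")
```

The dummy hash must be produced by the same algorithm and cost parameters as the real records; a cheaper dummy reintroduces the gap. Note that a "user found but disabled" branch that skips the hash is the same leak under another name.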
-
CVE-2025-13335
MEDIUM
CVSS 6.5
GitLab versions up to 18.6.4 are affected by a loop with an unreachable exit condition (infinite loop) (CVSS 6.5).
Gitlab
Denial Of Service
-
CVE-2025-9289
MEDIUM
CVSS 4.7
A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator.
XSS
Oc200 Firmware
Oc400 Firmware
Oc300 Firmware
Oc220 Firmware
-
CVE-2025-4763
MEDIUM
CVSS 5.5
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows Reflected XSS. This issue affects Hotel Guest Hotspot: through 22012026. [CVSS 5.5 MEDIUM]
XSS
Hotel Guest Hotspot
-
CVE-2026-23764
None
VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio_vmauxvaio*.sys, vbaudio_vmvaio*.sys, and vbaudio_vmvaio3*.sys).
Windows
Denial Of Service
-
CVE-2026-23763
None
VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a local privilege escalation vulnerability in the VBMatrix VAIO virtual audio driver (vbmatrixvaio64*_win10.sys).
Windows
Privilege Escalation
-
CVE-2026-23762
None
VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio_vmauxvaio*.sys, vbaudio_vmvaio*.sys, and vbaudio_vmvaio3*.sys).
Windows
Denial Of Service
-
CVE-2026-23761
None
VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio_vmauxvaio*.sys, vbaudio_vmvaio*.sys, and vbaudio_vmvaio3*.sys).
Windows
Denial Of Service
-
CVE-2026-22281
LOW
CVSS 3.5
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains a Time-of-check Time-of-use (TOCTOU) race condition vulnerability. [CVSS 3.5 LOW]
Denial Of Service
Race Condition
-
CVE-2026-1225
None
ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file.
The instantiation of a potentially malicious Java class requires that said class is present on the user's class-path. In addition, the attacker must have write access to a configuration file. However, after successful instantia...
Java
-
CVE-2026-1201
None
Hubitat Elevation home automation controller versions up to 2.4.2.157 are affected by authorization bypass through a user-controlled key.
Authentication Bypass
-
CVE-2026-0798
LOW
CVSS 3.5
Gitea may send release notification emails for private repositories to users whose access has been revoked. [CVSS 3.5 LOW]
Authentication Bypass
-
CVE-2025-15523
None
The macOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle.
macOS
Python
-
CVE-2025-14751
None
A low-privileged user can bypass account credentials without confirming the user's current authentication state, which may lead to unauthorized privilege escalation.
Privilege Escalation
-
CVE-2025-14750
None
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges.
Information Disclosure
-
CVE-2025-14295
None
Versions from 6.0 up to 9.0 contain a vulnerability that allows attackers to access stored passwords in a recoverable format, which makes them subject to pass.
Windows
-
CVE-2025-12738
None
Neo4j Enterprise edition versions prior to 2025.11.2 and 5.26.17 are vulnerable to a potential information disclosure by an attacker who has some legitimate access to the database.
Information Disclosure
-
CVE-2024-53252
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-53251
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-53250
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-53249
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-53248
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-45743
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-45742
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Denial Of Service
-
CVE-2024-45730
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-45729
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-45728
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-45727
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-45726
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-45725
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-45724
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-36998
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-36988
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2024-22166
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Information Disclosure
-
CVE-2023-7335
None
EduSoho versions prior to 22.4.7 contain an arbitrary file read vulnerability in the classroom-course-statistics export functionality.
Industrial
Path Traversal