Insufficient authorization controls in PDF for Elementor Forms + Drag And Drop Template Builder version 6.3.1 and earlier allow authenticated users to modify or create PDF forms without proper permission validation. An attacker with user-level access could bypass access control restrictions to manipulate form configurations or data integrity. No patch is currently available for this vulnerability.
Missing Authorization vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System elex-helpdesk-customer-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a through <= 3.3.5. [CVSS 6.5 MEDIUM]
Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through <= 6.3.0. [CVSS 6.5 MEDIUM]
Cozmoslabs Paid Member Subscriptions paid-member-subscriptions is affected by authorization bypass through user-controlled key (CVSS 6.5).
Missing Authorization vulnerability in Travelpayouts Travelpayouts travelpayouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travelpayouts: from n/a through <= 1.2.1. [CVSS 6.5 MEDIUM]
Missing Authorization vulnerability in themewant Easy Hotel Booking easy-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Hotel Booking: from n/a through <= 1.8.7. [CVSS 6.5 MEDIUM]
Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from n/a through <= 2.0.15. [CVSS 6.5 MEDIUM]
Missing Authorization vulnerability in aDirectory aDirectory adirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects aDirectory: from n/a through <= 3.0.3. [CVSS 6.5 MEDIUM]
OpenClaw versions prior to 2026.2.14 allow authenticated users to bypass group authorization policies by leveraging direct message trust credentials in group contexts, enabling unauthorized access to restricted group conversations. An attacker with valid credentials could exploit improper policy enforcement in iMessage groupPolicy=allowlist configurations to gain unauthorized visibility into protected group communications. A patch is available in version 2026.2.14 and later.
POSIMYTH Nexter Blocks the-plus-addons-for-block-editor is affected by cross-site scripting (xss) (CVSS 6.5).
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor allows Stored XSS.This issue affects Elementor Website Builder: from n/a through <= 3.29.0. [CVSS 6.5 MEDIUM]
This vulnerability allows authenticated attackers to read an arbitrary file by changing a filepath parameter into an internal system path. [CVSS 6.5 MEDIUM]
uTLS versions 1.6.7 and below fail to validate TLS 1.3 downgrade protection mechanisms, allowing network attackers to force ClientHello modifications that cause servers to respond with lower TLS versions while bypassing detection checks. An active attacker can exploit this to downgrade encrypted connections to TLS 1.2 or earlier, potentially exposing traffic to known cryptographic weaknesses. Affected users of uTLS, Red Hat, and other TLS implementations should update to patched versions immediately.
Stored XSS in Master Addons For Elementor plugin (WordPress versions up to 2.1.1) allows authenticated contributors and above to inject malicious scripts into pages through the 'ma_el_bh_table_btn_text' parameter due to insufficient input sanitization. When other users access affected pages, the injected scripts execute in their browsers, potentially enabling session hijacking, credential theft, or malware distribution. No patch is currently available.
The Quiz Maker plugin for WordPress versions up to 6.7.1.7 allows authenticated contributors and higher-privileged users to inject persistent JavaScript through the `vc_quizmaker` shortcode due to inadequate input validation, enabling malicious script execution in pages viewed by other users. The vulnerability requires WPBakery Page Builder to be active and has no available patch. An attacker with contributor access can deface content or steal sensitive information from site visitors.
Tanium addressed a SQL injection vulnerability in Asset. [CVSS 6.3 MEDIUM]
Liquid Prompt is an adaptive prompt for Bash and Zsh. [CVSS 6.3 MEDIUM]
Cf-E7 Firmware versions up to 2.6.0.9 contains a vulnerability that allows attackers to command injection (CVSS 6.3).
Command injection in Comfast CF-E7 firmware versions 2.6.0.9 and earlier allows remote authenticated attackers to execute arbitrary commands through the timestr parameter in the NTP timezone configuration function. Public exploit code exists for this vulnerability, and the vendor has not provided patches despite early notification. An attacker with valid credentials can achieve remote code execution with medium impact on confidentiality, integrity, and availability.
A security flaw has been discovered in detronetdip E-commerce 1.0.0. The impacted element is the function Delete/Update of the component Product Management Module. [CVSS 5.4 MEDIUM]
Improper access controls in the Sales endpoint of Yeqifu Warehouse allow authenticated remote attackers to manipulate sales records through the addSales, updateSales, and deleteSales functions, potentially compromising data integrity and confidentiality. Public exploit code exists for this vulnerability, and no patch is currently available despite early notification to the developers.
Improper access controls in the Customer Endpoint of yeqifu Warehouse allow authenticated remote attackers to manipulate customer data through the addCustomer, updateCustomer, and deleteCustomer functions. Public exploit code exists for this vulnerability, and the vendor has not yet provided a patch. An attacker with valid credentials can achieve unauthorized information disclosure, modification, and denial of service with low attack complexity.
Improper access controls in the Cache Sync Handler of yeqifu Warehouse allow authenticated remote attackers to manipulate cache operations (deleteCache, removeAllCache, syncCache) and achieve unauthorized modification or denial of service. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite early notification.
The Survey Maker WordPress plugin through version 5.1.7.7 is vulnerable to reflected cross-site scripting (XSS) that requires user interaction to exploit. An attacker can craft a malicious link to inject arbitrary JavaScript into a victim's browser session, potentially allowing credential theft or malicious actions within WordPress. No patch is currently available, leaving affected installations at risk.
HCL Digital Experience is susceptible to stored cross-site scripting (XSS) in the administrative user interface which would require elevated privileges to exploit. [CVSS 6.1 MEDIUM]
Improper access controls in the Inport Endpoint of yeqifu Warehouse allow authenticated remote attackers to manipulate critical functions (addInport, updateInport, deleteInport) and gain unauthorized access to sensitive data or operations. Public exploit code exists for this vulnerability, and no patch is currently available. The vulnerability affects Java-based deployments with network access to the warehouse application.
vulnerability in Sync-in Server versions up to 1.9.3 is affected by cross-site scripting (xss) (CVSS 6.1).
SQL injection in JeecgBoot versions up to 3.9.1 allows authenticated remote attackers to manipulate the keyword parameter in the dictionary loading endpoint, potentially enabling unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but can be executed over the network with low complexity.
Cilium versions 1.18.0-1.18.5 with Native Routing, WireGuard, and Node Encryption enabled incorrectly allow cross-node Pod traffic that should be blocked, enabling unauthorized network access between isolated workloads. An attacker with network access to pods on different nodes can bypass network segmentation policies to access restricted services. The vulnerability affects deployments using these specific Cilium configurations and is resolved in version 1.18.6.
A weakness has been identified in detronetdip E-commerce 1.0.0. This affects the function get_safe_value of the file utility/function.php. [CVSS 3.5 LOW]
Liton Arefin Master Addons for Elementor master-addons is affected by cross-site scripting (xss) (CVSS 5.9).
Insertion of Sensitive Information Into Sent Data vulnerability in themeglow JobBoard Job listing job-board-light allows Retrieve Embedded Sensitive Data.This issue affects JobBoard Job listing: from n/a through <= 1.2.8. [CVSS 5.9 MEDIUM]
Missing Authorization vulnerability in vertim Schedula schedula-smart-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Schedula: from n/a through <= 1.0. [CVSS 5.3 MEDIUM]
silence Silencesoft RSS Reader external-rss-reader is affected by cross-site scripting (xss) (CVSS 5.9).
Strimzi versions 0.47.0 through 0.50.0 improperly trust all certificates in a CA chain rather than only the intended signing authority, allowing Kafka Connect and MirrorMaker 2 operands to accept connections from brokers with certificates signed by intermediate CAs. An attacker could leverage this improper certificate validation to establish unauthorized connections to Kafka clusters using alternate CA-signed certificates from the trusted chain. This vulnerability requires high privileges to configure the CA chain and has no available patch at this time.
The web management interface of the device renders the passwords in a plaintext input field. [CVSS 5.7 MEDIUM]
RustDesk Client for Windows file transfer functionality allows local attackers with low-privileged code execution to read arbitrary files through symlink injection, potentially disclosing sensitive information with SYSTEM-level access. An attacker can exploit the Transfer File feature by uploading a specially crafted symbolic link to bypass access controls and access protected files on the target system. No patch is currently available for this vulnerability.
OpenClaw versions prior to 2026.2.15 expose Telegram bot tokens in error messages and logs without redaction, allowing attackers who gain access to these logs to impersonate the bot and hijack its API access. This credential disclosure affects users of the AI assistant across systems where logs, crash reports, or support bundles are generated. Users must upgrade to version 2026.2.15 and rotate exposed Telegram bot tokens immediately.
Opds-Talon versions up to 2.2.0.4 is affected by incorrect permission assignment for critical resource (CVSS 5.5).
Owl OPDS 2.2.0.4 contains an uncontrolled search path vulnerability that allows local authenticated attackers to manipulate configuration file search paths through a crafted request, potentially leading to unauthorized modification of application behavior or settings. With no available patch, this medium-severity issue (CVSS 5.5) poses a risk to systems running the affected version where local user access is possible.
Opds Talon 2.2.0.4 contains an uncontrolled search path vulnerability that allows local authenticated attackers to manipulate configuration file search paths through crafted requests, potentially leading to unauthorized modification of application behavior. With no available patch and an EPSS score of 0%, this vulnerability currently poses minimal exploitation risk but could allow privilege escalation or security bypass for users with local access to the system.
Opds Talon 2.2.0.4 contains an uncontrolled search path vulnerability that allows local attackers with user privileges to manipulate configuration file search paths through crafted requests, potentially enabling unauthorized modification of application behavior. An attacker could exploit this to alter critical configuration settings without elevated permissions. No patch is currently available for this vulnerability.
Opds-Talon versions up to 2.2.0.4 is affected by incorrect permission assignment for critical resource (CVSS 5.5).
Opds-Talon versions up to 2.2.0.4 is affected by incorrect permission assignment for critical resource (CVSS 5.5).
Pypdf versions up to 6.7.1 is affected by allocation of resources without limits or throttling (CVSS 5.5).
Resource exhaustion in pypdf versions prior to 6.7.1 occurs when processing maliciously crafted PDF files with manipulated /ToUnicode font entries, causing excessive memory consumption and processing delays during text extraction operations. A local attacker with file access can exploit this to degrade system performance, though no code execution or data compromise is possible. The vulnerability affects Python environments using pypdf and is remedied by upgrading to version 6.7.1 or later.
Pypdf versions up to 6.7.1 is affected by loop with unreachable exit condition (infinite loop) (CVSS 5.5).
OpenClaw AI assistant versions prior to 2026.2.15 allow local authenticated users to access session transcripts across peer accounts in multi-user shared-agent deployments due to insufficient session targeting restrictions. Additionally, Telegram webhook mode may fail to properly validate per-account secrets, potentially allowing unauthorized webhook access. The vulnerability primarily impacts multi-user environments with untrusted peers, while single-user or trusted deployments face limited practical risk.
HTML injection in Svelte's server-side rendering occurs when the `<svelte:element>` tag parameter fails to sanitize user-supplied tag names, allowing attackers to inject malicious HTML into rendered output. This affects Svelte versions prior to 5.51.5 and requires user interaction to exploit, with client-side rendering remaining unaffected. An authenticated attacker can achieve limited information disclosure or modify page content for affected users.
Server-side rendering in Svelte versions before 5.51.5 fails to sanitize event handler properties when spreading untrusted data as HTML attributes, enabling stored or reflected XSS attacks. An attacker can inject malicious event handlers into rendered pages if an application spreads user-controlled or external data as element attributes, causing arbitrary JavaScript execution in victim browsers. No patch is currently available.