Stored cross-site scripting in the Drupal Tagify contributed module allows low-privileged authenticated users to inject persistent malicious scripts that execute in the browsers of subsequent page visitors, including administrators. All Tagify module versions prior to 1.2.52 are affected. No public exploit code has been identified and EPSS sits at the 6th percentile, but the stored nature of the XSS elevates impact relative to reflected variants since payloads persist across all future viewers of the poisoned content.
Stored cross-site scripting in Drupal Commerce Core 3.3.0 through 3.3.5 allows an authenticated low-privilege attacker to inject persistent malicious scripts that execute in other users' browsers when affected pages are viewed. The scope change (S:C in the CVSS vector) confirms the payload breaks out of the application's security context into the victim's browser environment, enabling session hijacking or unauthorized UI manipulation. No active exploitation or public exploit code has been identified; EPSS of 0.16% (6th percentile) reflects low real-world exploitation probability at time of analysis.
Cross-site scripting (XSS) in Drupal Core affects a broad swath of the 10.x and 11.x release lines, enabling an authenticated low-privileged attacker to inject malicious client-side script that executes in the browser of a victim who interacts with the crafted content. The CVSS scope-change indicator (S:C) confirms the impact escapes the originating component into the victim's browser context, enabling session hijacking or privilege escalation against higher-privileged users. No public exploit code has been identified and EPSS sits at 0.15% (5th percentile), indicating low automated exploitation probability at time of analysis, though the wide deployment footprint of Drupal still makes patching urgent.
Authorization bypass in the KiviCare WordPress EHR plugin (all versions through 4.4.0) allows unauthenticated network attackers to confirm arbitrary pending clinic appointments and inject forged payment records into the wp_kc_payments_appointment_mappings table using attacker-supplied payment IDs, completely circumventing the payment collection process. The root defect is a two-part failure: the appointments API controller does not verify user authorization before processing status changes, and the KCPaymentGatewayFactory returns all registered gateways regardless of admin-enabled status - meaning the KCPayLater manual-payment gateway is always selectable, even by unauthenticated callers on default installations. No public exploit or CISA KEV listing exists at time of analysis, though the trivially low attack complexity makes scripted abuse realistic.
Path traversal via the unsanitized 'X-FILENAME' HTTP header in the ARMember WordPress membership plugin allows unauthenticated remote attackers to upload and overwrite files outside the intended 'wp-content/uploads/armember' directory on affected WordPress installations running versions 4.0.27 and earlier. The integrity impact is limited by the plugin's handling of 'certain files (e.g., CSS)' rather than arbitrary file types, capping the CVSS score at 5.3 Medium; however, successful exploitation can enable website defacement or manipulation of frontend assets without any authentication. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis.
Stored cross-site scripting in JetBrains TeamCity before 2026.1.2 lets an attacker who controls a build agent persist a malicious script into agent-reported data that executes when a privileged user opens the cloud profile page. Because it fires in the browser session of an operator with access to CI/CD configuration, it can lead to session/token theft and actions performed as the victim. The issue was reported by JetBrains itself; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
WAF rule bypass in ModSecurity 3.0.0-3.0.15 on i386 architecture allows network-accessible attackers to evade rules that use the t:utf8toUnicode transformation, potentially permitting injection attacks or other malicious payloads to reach protected applications undetected. The root cause is CWE-467 - sizeof() applied to a char pointer in utf8_to_unicode.cc yields the pointer width (4 bytes on i386) rather than the unicode buffer length, corrupting transformation output. No public exploit code or active exploitation has been identified at time of analysis; the fix is available in v3.0.16.
Path traversal in zhayujie CowAgent versions up to 2.1.0 allows remote low-privilege authenticated attackers to write files outside the intended skill installation directory by manipulating the `Name` argument in the Skill Installation Handler. The flaw resides in the `_add_url` and `_add_package` functions within `agent/skills/service.py`, which fail to sanitize path components before constructing filesystem paths during skill installation. No public exploit or active exploitation confirmed (no CISA KEV listing); a vendor-released patch exists in version 2.1.2.
Unauthorized file attachment in Frappe, a Python/JavaScript full-stack web framework, allows any authenticated low-privilege user to attach files to arbitrary doctypes through file-handling API endpoints such as add_attachments, bypassing per-document write permission enforcement. Affected are all Frappe v15 releases prior to 15.110.0 and all v16 releases prior to 16.20.0. No public exploit code has been identified at time of analysis and this vulnerability is not listed in the CISA KEV catalog, but the low attack complexity and network accessibility make exploitation straightforward for any valid account holder on a multi-tenant instance.
Missing authorization on the reportview endpoint in Frappe framework permits authenticated low-privileged users to access or manipulate report data beyond their permitted scope. Versions prior to 15.107.5 (v15 branch) and 16.18.2 (v16 branch) are affected, confirmed via GitHub Security Advisory GHSA-w8g7-j846-j248. No public exploit or CISA KEV listing exists at time of analysis; the CVSS 4.0 PR:L metric confirms exploitation is bounded by requiring a valid authenticated session.
Authenticated RabbitMQ users can bypass authorization controls on passive AMQP 0-9-1 declare operations, exposing internal broker topology metadata across all affected release branches (3.13.x, 4.0.x, 4.1.x, 4.2.x). The missing authorization check on passive queue.declare and exchange.declare allows any user with vhost connectivity to enumerate queue and exchange names and read live message and consumer counts without requiring elevated permissions. No public exploit code has been identified and the vulnerability is not in CISA KEV; however, the low exploitation complexity, authentication-only prerequisite, and broad affected version range meaningfully elevate real-world exposure risk in multi-tenant or shared-credential deployments.
Authorization bypass in the Eventin WordPress plugin (versions 4.0.26-4.1.15) enables unauthenticated attackers to mark unpaid ticket orders as completed by submitting a fabricated SureCart checkout ID or FluentCart cart hash to the payment_complete() REST endpoint. The wp_rest nonce required to reach this endpoint is embedded in the HTML of every public event page, eliminating any credential or session requirement. This is a confirmed regression - the same function and endpoint were previously patched by Arraytics, but the fix was lost in subsequent releases; no public exploit has been identified at time of analysis.
Unauthenticated media library attachment deletion affects the Easy Upload Files During Checkout WordPress plugin through version 3.0.1, enabling any remote visitor to permanently destroy arbitrary files from the site's media library with no credentials. The root cause is CWE-639: the ufdc_custom_init() hook processes a user-controlled 'eufdc-delete' parameter without nonce verification, capability checks, or attachment ownership validation, reducing authorization to a trivial parameter-guessing exercise against sequential WordPress attachment IDs. No public exploit code or CISA KEV listing has been identified, but the attack requires zero prerequisites beyond plugin presence, making it trivially reproducible.
Broken authorization in Snipe-IT's legacy single-seat license checkin endpoint allows authenticated users with only checkout (assign) rights to invoke the checkin (unassign) action, bypassing the intended permission boundary. Versions prior to 8.6.2 are affected; this is fixed in v8.6.2. No public exploit has been identified at time of analysis, and the flaw is not listed in the CISA KEV catalog, but the low-complexity, network-accessible nature of the bypass makes it straightforward to exploit for any authenticated user with checkout-level access.
Disk space exhaustion in n8n's data-table file upload endpoint allows an authenticated user to progressively fill the host's disk by repeatedly uploading files whose cumulative size is never checked against what already exists in the shared temporary directory. Affected versions span all n8n releases before 2.28.0 on the 2.x branch and before 1.123.58 on the 1.x branch. The flaw is rooted in a stateless per-request quota that ignores previously written files, enabling a low-privileged user to loop uploads between periodic cleanup cycles until disk space is exhausted, potentially disrupting the host and all co-resident services. No public exploit code or CISA KEV listing has been identified at time of analysis.
Missing authorization on Snipe-IT's asset request cancellation endpoint prior to version 8.6.0 allows any authenticated low-privileged user to cancel another user's pending asset requests by supplying a victim's user ID in the URL path segment. The cancel_by_admin path parameter is accepted without server-side privilege verification, constituting a CWE-862 (Missing Authorization) flaw - effectively a broken object-level authorization issue on an administrative action. No public exploit has been identified at time of analysis, and CVSS 4.0 scoring (5.3) reflects limited scope: integrity-only impact with no data exposure or availability loss.
Unauthorized file disclosure in Dell Unisphere for PowerMax 10.3.0.5 and prior is achievable by a remote low-privileged attacker via an XML External Entity (XXE) injection flaw (CWE-611). By submitting crafted XML containing external entity declarations to a vulnerable parsing endpoint, an authenticated attacker can cause the server to read and return sensitive local files or initiate server-side requests, resulting in High confidentiality impact. No public exploit code or CISA KEV listing has been identified at time of analysis; however, Dell has issued advisory DSA-2026-272 covering this and related vulnerabilities across the PowerMax product family.
{kit_id}/licenses allows authenticated low-privilege users to bind arbitrary licenses - including those belonging to other departments or users - into kits they control. The server validates kit-edit permissions but performs no ownership or access check against the referenced license object, a classic IDOR pattern (CWE-639). No public exploit exists and the vulnerability is not listed in CISA KEV; it is fixed in version 8.6.2.
Preview namespace collision in Capgo before 12.128.2 enables authenticated low-privileged tenants to hijack or deny preview routing for other tenants' applications by deliberately registering app IDs containing double underscores that decode identically to a victim's dot-separated app ID. The non-bijective hostname parsing - where `__` maps to `.` but `.` is also a valid app ID character - breaks namespace uniqueness across tenants, allowing cross-tenant preview misrouting. No public exploit has been identified at time of analysis, and no CISA KEV listing exists; real-world impact is confined to preview functionality, not production app delivery.
Plan quota enforcement is missing on the /files/upload/attachments endpoint in Capgo before 12.128.2, allowing upload-scoped API keys to bypass plan restrictions and create publicly readable Cloudflare R2 objects regardless of account standing. Apps that have been plan-blocked or suspended retain the ability to upload arbitrary attachments that persist outside bundle metadata and survive app deletion, enabling sustained storage and bandwidth abuse against the Capgo platform. No public exploit has been identified at time of analysis, and the vulnerability has not been confirmed as actively exploited.
Stored XSS in R-SOFT DMS file upload functionality allows authenticated attackers to embed arbitrary HTML and JavaScript within uploaded filenames, which subsequently execute in the browsers of any user viewing the file list or upload status pages. The vulnerability affects the document management system's filename rendering pipeline, which fails to sanitize input before output into HTML context. Fixed versions are available (v3.19-2832 and v3.17-2580); no public exploit identified at time of analysis, and the product is not listed in the CISA KEV catalog.
Out-of-bounds read in mtr's ipinfo_lookup() function allows a DNS-layer attacker to reliably crash the tool by serving a crafted TXT response during AS-number lookups. mtr through version 0.96 is affected; the root cause is that dn_expand() receives the total response length as its boundary argument rather than the safe, validated packet end - so a >512-byte response carrying a malicious compression pointer in the answer NAME field directs the read past the buffer. No public exploit code and no CISA KEV listing exist at time of analysis, though the crash is described as deterministic once the attacker controls the DNS response.
DSN string injection in grav-plugin-database prior to version 1.2.0 allows an administrator with Grav CMS plugin configuration access to manipulate PDO database connection strings by injecting unsanitized YAML field values. The vulnerable `Database::__call` method concatenates fields such as host, dbname, charset, server, database, directory, and filename directly into DSN strings without validation, enabling DSN attribute injection or path traversal to redirect database connections to unintended targets. No public exploit code or active exploitation has been identified at time of analysis; the fix is available in version 1.2.0.
Stored cross-site scripting and open redirect vulnerabilities in n8n's Form Node allow authenticated users with workflow creation permissions to inject malicious scripts or phishing redirects that execute in the browsers of end users who interact with published forms. Affected across both the 1.x branch (before 1.123.24) and the 2.x branch (before 2.10.4 and 2.12.0). The attack surface is the Form Node's HTML description fields, which accept unsanitized markup, combined with an overly permissive iframe sandbox policy - creating a persistent attack vector embedded within legitimate workflows. No public exploit code or CISA KEV listing has been identified at time of analysis.
Stored cross-site scripting in HestiaCP's DNS record management interface (all versions before 1.9.5) enables authenticated low-privilege users to execute arbitrary JavaScript in the browsers of any panel user who views the DNS record list, including administrators. The flaw in list_dns_rec.php allows injecting a script payload via a crafted DNS record value that breaks out of the data-sort-value HTML attribute due to missing htmlspecialchars() encoding - creating a persistent, privilege-escalating attack path from tenant-level access to admin session compromise. No public exploit or CISA KEV listing has been identified at time of analysis; vendor-released patch (v1.9.5) is available.
Improper input validation in Samsung Email prior to version 6.2.13.1 enables local attackers to create arbitrary files within the application's Android sandbox, affecting integrity and availability of the email client. The attack is confined to the Samsung Email sandbox by Android's isolation model and cannot directly escalate to system-level or cross-application impact. No public exploit has been identified and the vulnerability is not listed in CISA KEV; Samsung has released a confirmed fix in version 6.2.13.1.
Incorrect default permissions in Samsung Mobile's WLAN security component expose TencentWifiSecurity settings to any local attacker on Android 14, 15, and 16 devices prior to SMR Jul-2026 Release 1. An unprivileged local user or application can read or modify TencentWifiSecurity configuration, resulting in limited information disclosure and integrity compromise of WiFi security settings. No public exploit code exists and this vulnerability is not listed in CISA KEV; however, the zero-privilege-required local access condition broadens practical exposure on shared, enterprise-managed, or already-compromised devices.
Improper access control in Samsung's SmartThingsKit component on Android 16 devices allows local attackers without elevated privileges to read sensitive information. The flaw, patched in SMR Jul-2026 Release 1, is limited to local exploitation and carries no integrity or availability impact. No public exploit has been identified at time of analysis, and Samsung has not reported active exploitation.
Stored XSS in PeerTube before version 8.2.2 allows any authenticated uploader to inject arbitrary HTML and JavaScript into the instance origin by embedding the byte sequence </script> inside video metadata fields. The server-side renderer serializes video metadata directly into schema.org JSON-LD script blocks using JSON.stringify without HTML-character escaping, causing the browser to terminate the script tag prematurely and parse attacker-controlled content as raw HTML. The payload executes automatically for every visitor to the affected video's watch page, and no public exploit has been identified at time of analysis.
Stored XSS in the Grav API plugin (getgrav/grav-plugin-api) before version 1.0.3 allows an authenticated attacker holding the api.media.write permission to upload a malicious SVG file that executes arbitrary JavaScript in an administrator's browser session. The POST /api/v1/media endpoint's HandlesMediaUploads::processUploadedFile() method validates only the file extension and never calls Security::sanitizeSVG(), so the uploaded file is stored and served verbatim with Content-Type: image/svg+xml. When an administrator opens the file directly or via an embedded object or iframe, the injected script runs in the admin's authenticated session context, enabling cookie theft and full session hijacking. No public exploit or active exploitation has been identified at time of analysis.
Path traversal in phpMyFAQ's PDF export pipeline allows authenticated FAQ editors to read arbitrary server-side files by storing HTML with crafted image paths that exploit a type-juggling flaw in concatenatePaths(). When the substring 'content' is absent from an attacker-controlled path, strpos() returns false, which PHP silently coerces to integer 0, causing the full unsanitized path to pass through to file_get_contents() without canonicalization. No active exploitation is confirmed (not in CISA KEV), and no public exploit code has been identified at time of analysis, but the root cause is a low-complexity PHP type-juggling antipattern that is straightforward to weaponize once the attack surface is understood.
Cross-tenant authorization bypass in Snipe-IT prior to v8.6.2 allows an authenticated user with only `reports.view` permission in one company to delete pending checkout acceptance records belonging to any other company by supplying arbitrary global IDs to the unaccepted-assets report delete endpoint. The root cause is a classic IDOR (CWE-639): the endpoint validates role but not company-scope ownership. No public exploit has been identified and this CVE is absent from the CISA KEV catalog, but multi-tenant deployments relying on organizational data isolation are directly impacted.
Second-order SQL injection in Mail Mint WordPress plugin (all versions ≤ 1.24.1) allows authenticated administrators to exfiltrate arbitrary data from the WordPress database via the 'recipients' parameter in the campaign REST API. The attack exploits a two-stage flaw: a malicious SQL payload bypasses int-cast input validation at write time and persists unsanitized, then fires during a subsequent campaign retrieval request that passes the raw value into an unparameterized query. No public exploit or CISA KEV listing has been identified at time of analysis; real-world risk is moderated by the required administrator-level authentication.
SQL Injection in the Cookie Banner for GDPR/CCPA - WPLP Cookie Consent WordPress plugin (versions up to and including 4.3.6) enables authenticated administrators to append arbitrary SQL to existing queries via the unsanitized 'scan_id' parameter in the cookie scanner module. Exploitation is constrained to administrator-level accounts (PR:H per CVSS vector), making this a privileged read-only database extraction flaw rather than a broad remote attack surface. No public exploit code or CISA KEV listing has been identified at time of analysis; a patch commit is referenced in the WordPress plugin repository changeset.
RabbitMQ Server prior to 4.2.6 fails to cancel or reauthorize existing AMQP 0-9-1 consumers when an OAuth token expires or when connection.update_secret reduces token scopes, allowing an authenticated consumer to continue receiving messages it is no longer authorized to access. The broker evaluates authorization only at consumer registration time, not at message delivery time, creating a persistent authorization bypass window for as long as the connection remains open. No public exploit exists at time of analysis, but the CVSS 4.0 vector assigns high subsequent-system confidentiality impact (SC:H), reflecting meaningful data-access risk in OAuth-governed or multi-tenant deployments.
CSV formula injection in Snipe-IT prior to version 8.5.0 enables a low-privileged authenticated user to store a malicious spreadsheet formula via the HTTP User-Agent header, which is then written unescaped into exported Activity Report CSV files. When an administrator or report viewer opens the exported file in spreadsheet software such as Microsoft Excel or LibreOffice Calc, the embedded formula executes within their local application environment, potentially enabling data exfiltration or arbitrary command execution on the viewer's workstation. No public exploit code has been identified at time of analysis, and a vendor-released patch is available in version 8.5.0.
Account takeover in ZITADEL's external identity provider auto-linking logic prior to version 4.15.3 allows an unauthenticated network attacker to hijack a victim's local ZITADEL account. The handler confirms that the local user's email is verified but fails to require the external IdP to also confirm ownership of that same email address before completing the link - meaning an attacker who registers a victim's email on a permissive external IdP (one that does not enforce email verification) can silently gain full access to the victim's ZITADEL account. No public exploit has been identified at time of analysis; the fix is available in the vendor-released patch v4.15.3.
Incorrect Authorization (CWE-863) in the Drupal Commerce Realex / Global Payments module exposes protected payment and order resources to forceful browsing, allowing unauthenticated remote attackers to access endpoints that should require authorization. All module versions from 0.0.0 through 3.0.2 (exclusive) are affected on Drupal Commerce deployments. No public exploit code has been identified and SSVC confirms no active exploitation at time of analysis, though the nature of a payment gateway module means successful access could expose order or transaction data.
Stored cross-site scripting (XSS) in Snipe-IT before 8.6.2 allows a low-privileged user with the assets.edit permission to plant a malicious javascript: URI inside a Markdown hyperlink in a custom textarea field. When any other user opens the affected asset detail page and clicks the crafted link, arbitrary JavaScript executes in their browser session. No public exploit code or active exploitation has been identified at time of analysis, and the vendor has released a patch in v8.6.2.
Incorrect Authorization (CWE-863) in the Drupal AI Agents contributed module enables Forceful Browsing, allowing network-reachable attackers to access restricted AI agent resources without proper permission checks. Three distinct release branches are affected: 0.0.0-1.1.4, 1.2.0-1.2.5, and 1.3.0-1.3.1. CISA SSVC classifies exploitation as none with partial technical impact, EPSS sits at the 4th percentile, and no public exploit has been identified at time of analysis - signals that collectively indicate limited immediate real-world risk despite the network-accessible attack vector.
Memory leak in ImageMagick's META reader (versions before 7.1.2-18) enables denial of service through resource exhaustion when processing specially crafted APP1JPEG image files. The flaw sits in the error-handling path of the META reader, meaning memory allocated during malformed APP1JPEG processing is never freed, allowing an attacker to repeatedly trigger the leak until the host process exhausts available memory. No public exploit code has been identified at time of analysis and this vulnerability is not listed in the CISA KEV catalog; the CVSS 4.0 score of 4.8 (Medium) reflects limited impact scope.
Improper authorization in Samsung Health prior to version 7.00.0.107 exposes connected device information to local, low-privileged attackers on the same Android device. The flaw likely involves an improperly protected Android IPC mechanism - such as a content provider or broadcast receiver - that fails to enforce access controls over paired wearable or peripheral device data. No public exploit code exists and this vulnerability has not been added to the CISA KEV catalog; combined with the local-only attack vector and limited data sensitivity, real-world risk is low.
Cross-Site Request Forgery in the Drupal Salesforce Suite contrib module (all versions from 0.0.0 up to and including 5.1.3) lets an attacker forge state-changing requests that are executed with the privileges of an authenticated Drupal user who is tricked into loading attacker-controlled content. The Drupal security team (SA-CONTRIB-2026-063) rates it critical, and a fixed release is available; no public exploit code has been identified and EPSS is very low (0.10%, 1st percentile), indicating no observed exploitation activity. Note that the published CVSS vector (UI:N) is atypical for CSRF, which normally depends on victim interaction, so the real-world impact profile should be verified against the vendor advisory.
CSP header injection in the `secure_headers` RubyGems library (≤ 7.2.0) allows an attacker who can influence input to the `:sandbox`, `:plugin_types`, or `:report_to` per-request override APIs to inject an arbitrary `script-src 'unsafe-inline' *` directive that wins over the application's configured strict `script-src` under the W3C CSP first-occurrence rule, achieving full XSS reachability. The three affected directive builders (`build_sandbox_list_directive`, `build_media_type_list_directive`, `build_report_to_directive`) emit caller-supplied bytes verbatim into the CSP header value, unlike the sibling `build_source_list_directive` which has sanitized `;`, `\r`, and `\n` since CVE-2020-5217. A fully browser-verified proof of concept is publicly available; exploitation is not confirmed in CISA KEV but the attack is concrete and code-complete.
Stored Cross-Site Scripting in the Highlighting Code Block WordPress plugin (versions ≤ 2.2.0) allows authenticated attackers holding administrator-level permissions to inject persistent malicious scripts via the plugin's admin settings panel, with those scripts executing in the browsers of any user who subsequently visits an affected page. Exploitation is constrained to WordPress multi-site network installations or single-site deployments where the unfiltered_html capability has been explicitly disabled - conditions that are non-default and substantially narrow the attacker population. No public exploit code or active exploitation has been identified at time of analysis; Wordfence, the reporting source, has published a fix commit to the plugin's SVN repository, though a specific patched release version is not yet confirmed.
Stored Cross-Site Scripting in the Ajax Load More WordPress plugin (versions through 7.0.1) allows authenticated administrators to inject persistent malicious scripts into pages served to other users. The vulnerability stems from insufficient input sanitization and output escaping in admin-facing settings fields. Exploitation is constrained to WordPress multisite environments or sites with unfiltered_html disabled, and no public exploit or KEV listing exists at time of analysis, keeping real-world risk moderate despite the network-accessible vector.
Stored Cross-Site Scripting in the WPvivid Backup for MainWP WordPress plugin (all versions up to and including 0.9.33) allows authenticated administrators to inject persistent malicious scripts via plugin settings fields, which then execute in any user's browser upon visiting an affected page. Exploitation is constrained to WordPress multi-site environments or single-site installs where the unfiltered_html capability has been explicitly disabled, and requires an attacker to already hold administrator-level credentials. No public exploit code has been identified at time of analysis, and the CVSS 4.4 Medium score reflects both the high privilege bar and the specialized deployment conditions required.
File carve operations in osquery prior to 5.23.1 expose sensitive data due to world-readable temporary directory permissions, allowing a local unprivileged attacker to read carve contents during the collection window. If the carve targets a directory the attacker controls, the impact extends to arbitrary local file reads. No public exploit identified at time of analysis; the vendor-confirmed fix ships in osquery 5.23.1.
Authorization bypass in the Invoice123 WordPress plugin (versions up to and including 1.7.0) permits authenticated attackers holding only subscriber-level accounts to overwrite the plugin's external API key, modify invoice configuration settings, and directly alter WooCommerce tax rate records in the database. The root cause is absent capability checks in the plugin's admin-page handlers, meaning low-privilege users can invoke privileged administrative actions over the network. No public exploit has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Authorization bypass in the Easy Appointments WordPress plugin (all versions up to and including 3.12.27) permits any authenticated user holding the Author role or above to mass-cancel every future appointment across the entire site by exploiting a missing capability check on the plugin's AJAX cancellation handler. The attack is made trivially accessible because the nonce required to authenticate the cancellation request is rendered directly on the Appointments admin page, which is gated only by the `edit_posts` capability that Authors possess by default. No public exploit has been identified at time of analysis, but the low privilege barrier and deterministic exploit path present a high-consequence business-disruption risk for any organization running booking workflows on affected installations.