2026-07-16
The Redux Framework WordPress plugin before 4.5.13 does not restrict which user meta keys can be written when saving custom profile fields, allowing users with at least the Subscriber role to escalate their privileges to Administrator by submitting a crafted value while updating their own profile, on sites where the Redux Framework WordPress plugin before 4.5.13's user-profile (Users extension) feature is enabled.
Privilege escalation in Axelor Open Platform 8.x before 8.2.2 lets an authenticated non-admin user grant themselves administrative roles and groups by writing to protected User fields through a nested relational save on a related entity, bypassing the USER_RESTRICTED_FIELDS control. The flaw (CWE-863, improper authorization) was reported by VulnCheck and has publicly available exploit code; it is not listed in CISA KEV. With a CVSS 4.0 base score of 8.7 and full compromise of confidentiality, integrity, and availability of the vulnerable system, any low-privileged account can effectively become an administrator.
The Abandoned Cart Lite for WooCommerce WordPress plugin before 6.8.2 does not protect the integrity of its cart-recovery tokens or bind them to the requesting account, allowing unauthenticated attackers to forge a recovery link that logs them in as another user when the automatic-login option is enabled.
Reflected Cross-Site Scripting in the FunnelKit WordPress plugin before 3.15.0.6 lets unauthenticated attackers inject arbitrary JavaScript into a page-builder AJAX response, which executes in the browser of a logged-in user who opens an attacker-crafted link. The flaw is only reachable when the Divi builder integration is active, and publicly available exploit code exists though there is no public exploit identified as actively exploited at time of analysis. EPSS was not provided and the vulnerability is not on CISA KEV, so widespread exploitation is unconfirmed.
Privilege escalation in Argo Workflows before 3.7.15 and 4.0.6 lets a low-privileged user who can submit Workflows bypass the Strict/Secure templateReferencing protections and inject an arbitrary strategic-merge PodSpecPatch into the artifact garbage-collection pod. Because the fix for CVE-2026-31892 only walked top-level WorkflowSpec fields and allow-listed WorkflowSpec.ArtifactGC wholesale, its nested WorkflowLevelArtifactGC.PodSpecPatch flowed unmodified into util.ApplyPodSpecPatch, allowing an attacker to spawn a pod with privileged: true, hostPath volumes, hostNetwork: true, and an attacker-chosen image and command. This is an incomplete-fix regression; there is no public exploit identified at time of analysis and it is not in CISA KEV.
Privilege escalation in the WPFunnels (Funnel Builder for WooCommerce) plugin for WordPress lets authenticated users holding the wpf_manage_funnels capability — typically the plugin's Funnel Manager custom role — rewrite the global wp_user_roles option and grant their own role full administrator capabilities. All versions up to and including 3.12.8 are affected, and Wordfence rates it CVSS 8.8 (High). No public exploit has been identified at time of analysis, but the root cause is trivial (an unvalidated option name reaching update_option()), making reliable weaponization straightforward for a low-privileged insider.
Privilege escalation in the Digits WordPress Mobile Number Signup and Login plugin (all versions through 9.1.0.5) lets authenticated Subscriber-level users promote themselves to Administrator by submitting a forged digits_reg_userrole value during a profile update. The flaw stems from the dig_update_wpwc_custom_fields() function failing to validate the caller's authorization or the requested role. There is no public exploit identified at time of analysis, but the low barrier (any registered user on an affected site with the DIGITS User Role field configured) and full-administrator outcome make this a high-priority patching item.
PowerShell command injection in Lenovo XClarity Integrator for Microsoft Windows Admin Center (versions 5.1.1 and below) running on the WAC Gateway allows an authenticated low-privileged attacker to inject arbitrary PowerShell commands when the plugin establishes remote PowerShell sessions. Successful exploitation yields high-impact code execution that extends beyond the plugin into subsequent systems (managed hosts), with full confidentiality, integrity, and availability compromise. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Sandbox escape in PipeWire's PulseAudio compatibility layer lets a low-privileged process inside a confined environment such as Flatpak load an attacker-controlled library and execute arbitrary code on the host user's session. The flaw (CWE-427) is present in PipeWire as shipped in Red Hat Enterprise Linux 7, 8, 9 and 10 and carries a scope-changing CVSS 3.1 score of 8.8. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Remote code execution in the Loco Translate WordPress plugin (all versions up to and including 2.8.5) is reachable through a Cross-Site Request Forgery flaw in the execTemplate function, where missing nonce validation lets an unauthenticated attacker who tricks a logged-in administrator into clicking a crafted link supply a php://filter stream wrapper as the 'template' parameter, bypassing path validation and reaching a PHP include sink to execute arbitrary code. The chain converts a classic CSRF (CWE-352) into full server compromise, carrying CVSS 8.8 (C:H/I:H/A:H). There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
SQL injection in the Quix Page Builder Pro extension for Joomla lets remote unauthenticated attackers inject arbitrary SQL through a crafted request, enabling database read and write against affected sites. The CVSS 4.0 base score is 8.7 (High), reflecting network vector, low complexity, no privileges, and high impact to confidentiality, integrity, and availability of the vulnerable database. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; a third-party disclosure write-up exists on mysites.guru.
Arbitrary JavaScript execution in Microsoft's @prompty/core TypeScript loader (2.0.0-alpha.1 through 2.0.0-beta.2) allows an attacker who supplies a crafted .prompty file to run code during prompt loading. The loader passed .prompty markdown to gray-matter without disabling its executable 'js'/'javascript' frontmatter engines, so a '---js' frontmatter block is evaluated as Node.js at parse time. Exploitation requires the victim's application to load the malicious file (UI:P); no public exploit is identified at time of analysis and it is not on CISA KEV, but the fix commit ships a working proof-of-concept test.
{...}, $var, or {$obj->prop} are emitted verbatim inside PHP double-quoted literals and interpolated as code when the generated client runs. No public exploit identified at time of analysis, though the fix commit ships a test demonstrating the ${env('HOME')} injection primitive; EPSS and KEV data were not provided.
{}//') demonstrating the break-out.
Denial of service in stoatchat (delta) versions before 20250210-1 (0.8.2) lets a remote unauthenticated attacker exhaust server resources by abusing the 'nearby' message query route. A logic error passes a message limit of zero to the database, which MongoDB interprets as 'no limit', so a single crafted request downloads an entire channel's history; parallelized requests amplify this into resource-exhaustion DoS. No public exploit identified at time of analysis and the flaw is not in CISA KEV, but the upstream fix and a VulnCheck advisory are published.
Missing authentication in Microsoft SimpleChat (prior to 0.241.206) lets remote, unauthenticated clients invoke administrative plugin validation, health-check, and repair endpoints that were documented as protected but never enforced authentication at runtime. Any network-reachable attacker can trigger plugin instantiation, health probing, and repair actions without login or admin rights. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.
Reflected cross-site scripting in Emlog 2.6.13 and earlier lets a remote attacker execute arbitrary JavaScript in an authenticated administrator's backend session by luring the admin to open a crafted link that hits the user-search feature in admin/user.php. The keyword parameter is sanitized with addslashes but never HTML-escaped before it is echoed into a value attribute in admin/views/user.php, so injected markup breaks out of the attribute and runs in the admin's browser. No public exploit identified at time of analysis, and no fixed version currently exists.
Local privilege escalation in ESET Inspect Connector for Windows lets a low-privileged local user escalate to elevated (SYSTEM-level) privileges by abusing an improperly authenticated ALPC (Asynchronous Local Procedure Call) IPC channel. The affected component is the endpoint agent that links ESET Inspect (EDR) to protected Windows hosts; a non-privileged process can issue unauthenticated requests to a privileged service endpoint that fails to verify the caller. The issue was reported and fixed by ESET, is not listed in CISA KEV, and has no public exploit identified at time of analysis.
Brute-force protection bypass in Perforce Delphix Continuous Data lets remote attackers defeat the account lockout mechanism by firing concurrent authentication requests that race the failed-login counter, allowing unlimited password guessing against a targeted account. The flaw is a time-of-check/time-of-use race (CWE-307) rather than a direct code-execution bug, and no public exploit identified at time of analysis. It matters because it silently neutralizes a control administrators rely on to stop credential-stuffing and password-spraying.
Access-control bypass in Keycloak (fixed in 26.5.3) lets a disabled user account still obtain valid tokens through the JWT authorization grant preview feature. When that feature is enabled, Keycloak omits the account-enabled check during JWT authorization grant processing, so a low-privileged remote attacker who can present a valid assertion token from an external identity provider can mint a JWT for an account an administrator has explicitly disabled, regaining access to protected resources. No public exploit identified at time of analysis and it is not listed in CISA KEV.
Authentication bypass in HCL DFXServer allows remote unauthenticated attackers to reach specific API endpoints directly and perform unauthorized actions without valid credentials, because the application never verifies authentication status on those routes. The primary impact is high confidentiality exposure with limited integrity impact (CVSS 8.2), and the flaw was self-reported by HCL. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Authentication bypass in HCL DFXServer lets an unauthenticated remote attacker intercept and tamper with the server's authentication responses to be granted access as a legitimate user without presenting valid credentials. Rated CVSS 8.2 (high) with CWE-294 (Authentication Bypass by Capture-replay), the flaw exposes confidential application data to any network-reachable attacker. No public exploit identified at time of analysis and it is not listed in CISA KEV.
Authentication/access-control bypass in BigBlueButton's bbb-web component (versions prior to 3.0.21) lets remote attackers reach protected API endpoints without a valid checksum by supplying the presentationUploadExternalUrl parameter. BigBlueButton's API is normally guarded by a shared-secret checksum, so bypassing it undermines the core authorization mechanism for calls such as CreateMeeting. No public exploit identified at time of analysis, though the fixing commit is public; CVSS is 8.1 and there is no CISA KEV listing or EPSS signal in the provided data.
Session hijacking in BigBlueButton before 3.0.21 lets an authenticated conference participant predict and reuse other users' session tokens to impersonate them. The bbb-web component generated 16-character sessionToken values (and 12-character auth tokens and internal user IDs) using Apache Commons RandomStringUtils.randomAlphanumeric, a non-cryptographic PRNG, making the token space guessable to anyone who already holds a valid session. Rated CVSS 8.1 with high confidentiality and integrity impact; no public exploit identified at time of analysis.
Arbitrary file deletion in the Uncanny Automator WordPress plugin (all versions through 7.3.1.4) lets unauthenticated attackers delete any file on the server via untrusted PHP object deserialization in the fr_token function, and deleting a critical file such as wp-config.php can pivute WordPress into an installation/setup state that yields remote code execution. Exploitation is gated by a specific setup: a Forminator form must be connected to an Uncanny Automator recipe whose trigger is configured for 'Everyone', which is what exposes the deserialization sink to anonymous form submissions. A self-contained gadget chain via Action_Helpers_Email::__destruct() ships inside the plugin, so no external gadget library is needed; reported by Wordfence with no public exploit identified at time of analysis and no CISA KEV listing.
Out-of-bounds heap write in QEMU lets a local attacker operating inside a guest virtual machine corrupt memory in the host emulator process, enabling information disclosure, data-integrity corruption, or denial of service. The flaw stems from cpu_physical_memory_map() returning a shorter buffer length than the caller assumes, so subsequent writes spill past the allocation. Rated CVSS 7.8 (CWE-787); no public exploit identified at time of analysis, but multiple distributions (Red Hat, Ubuntu, SUSE, Debian) have shipped fixes.
Local file inclusion in Emlog 2.6.13 and earlier lets an authenticated author supply a path-traversal template value that is stored unvalidated by api_controller.php and later passed to View::getView() in log_controller.php, causing an arbitrary local .php file to be included when the article is viewed. Because included PHP is executed, an attacker who can place or influence a .php file on the host can escalate this to code execution. No public exploit has been identified at time of analysis, and no fixed version currently exists.
Server-side request forgery in Stoatchat before 0.14.0 lets unauthenticated, network-accessible attackers reach internal services that a DNS-based IP blocklist was meant to protect. The url_is_blacklisted function validates only the first resolved address, while the underlying HTTP client iterates over all cached DNS addresses, so a hostname resolving to both an allowed and an internal/blocked IP slips past the check. No public exploit identified at time of analysis; the issue is fixed in the v0.14.0 release and was reported by VulnCheck.
Denial of service in the Feast Feature Server (the Python feature-store serving component, also shipped within Red Hat OpenShift AI/RHOAI) lets remote unauthenticated attackers exhaust host resources through its `/ws/chat` WebSocket endpoint. Because the endpoint accepts unlimited concurrent connections and unbounded message traffic, opening many simultaneous sockets drains memory, CPU, and file descriptors until legitimate clients are locked out. There is no public exploit identified at time of analysis and this is not listed in CISA KEV; the upstream fix in PR #192 caps connections, message size, and message rate.
Webhook token disclosure in stoatchat (the Rust 'delta' backend of the Revolt/stoatchat platform) lets any channel member holding only ViewChannel (read) permission enumerate a channel's webhooks and read their secret tokens. Because a retrieved token authorizes posting, the attacker can then inject arbitrary messages while impersonating a bot or webhook, bypassing the channel's ManageWebhooks and posting permissions. Reported by VulnCheck and fixed in 20250210-1 (0.8.2); no public exploit identified at time of analysis.
Uncontrolled memory allocation in Grafana Loki lets remote unauthenticated users issue queries with excessively large limit values, forcing the service to allocate large amounts of memory and potentially exhausting host resources. The impact is denial of service (CVSS 7.5, A:H only) and varies by deployment topology - a single-binary or under-provisioned deployment is far more exposed than a horizontally scaled microservices setup. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; note the input 'Information Disclosure' tag conflicts with the CVSS impact (C:N/I:N/A:H), which indicates an availability-only issue.
{file:...} expansion resolved paths without confining them to the prompt directory or allowed roots, so absolute paths, ../ traversal, or symlinks could exfiltrate secrets, config, or credentials into the loaded prompt's fields. There is no public exploit identified at time of analysis and it is not in CISA KEV; NVD scores it 7.5 (High), reflecting confidentiality-only impact.
Code injection in Microsoft Kiota's Python client generator (versions prior to 1.32.0) allows an attacker who controls an OpenAPI description to embed arbitrary Python that executes when a developer generates and imports the resulting client. The flaw stems from unsanitized x-ms-enum.values[].description strings being emitted as inline comments; embedded newlines break out of the comment and run at module scope. No public exploit identified at time of analysis, and the issue is not in CISA KEV. The assigned CVSS 3.1 base score is 7.5, though its impact metrics (C:N/I:N/A:H) understate what is functionally full code execution.
{expr}, #$var, or #@var markers are treated as live Ruby interpolation inside generated model classes. There is no public exploit identified at time of analysis and it is not in CISA KEV, but a fix is confirmed in release v1.32.0.
SQL injection in ThemeHunk's Advance Product Search - Voice & Ajax Search for WooCommerce plugin (all versions ≤ 1.4.4) lets unauthenticated attackers inject arbitrary SQL through the 's' and 'match' search parameters, enabling extraction of sensitive database contents such as user credentials and order data. The flaw stems from unescaped, unprepared query construction in the plugin's AJAX search backend and is remotely exploitable without authentication or user interaction. Reported by Wordfence; no public exploit identified at time of analysis and not listed in CISA KEV.
Denial of service in libsolv's PGP signature verification (solv_pgpvrfy) allows remote attackers to crash automated package and repository processing by supplying a crafted Ed25519 signature. The flaw is a stack-based buffer overflow (CWE-121) triggered when the EdDSA 's' MPI is copied into a fixed 64-byte stack buffer using an attacker-controlled mismatched length. It affects the libsolv dependency solver embedded in Red Hat Enterprise Linux 7/8/9/10, OpenShift, Satellite, RHUI, openSUSE/SUSE, Ubuntu and Debian; no public exploit identified at time of analysis and it is not in CISA KEV.
Sensitive credential exposure in Frogman (an mwtcmi FreePBX module providing headless PBX control via MCP and an HTTP API) before 1.6.2 stores API tokens in cleartext, so any read of the oc_api_tokens database table yields fully reusable, active tokens at their assigned permission level - up to admin. Because Frogman.class.php authenticated the X-Frogman-Token header by directly comparing the presented value against the stored raw string, a leaked or read database directly hands an attacker working credentials. Rated CVSS 7.4 (high); no public exploit identified at time of analysis, and the issue is fixed in version 1.6.2.
Local code execution in Lenovo Legion Zone and the Lenovo App Store (China-market Windows builds) allows an authenticated local user to run arbitrary code when either application is installed on a non-system partition. The flaw stems from insecure directory/file permissions (CWE-277) that a low-privileged user can abuse to plant or modify executable content later run with higher privilege. No public exploit is identified at time of analysis and it is not listed in CISA KEV; impact is confined to systems where these Chinese-market Lenovo utilities are deployed to a non-default drive.
Stored cross-site scripting in the Breakdance WordPress page-builder plugin (versions through 2.7.1) lets unauthenticated attackers inject persistent JavaScript through the 'fields' parameter, which then runs in the browser of any user who views the affected page. The flaw carries a CVSS 3.1 score of 7.2, elevated by a scope change (S:C) because the payload executes in visitors' browser sessions rather than the server context. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; Wordfence discovered and reported it.
Stored cross-site scripting in the RPB Chessboard WordPress plugin (all versions through 8.1.2) lets unauthenticated attackers plant persistent JavaScript through comment content that executes in the browser of anyone who later views the affected page. The novel aspect, per Wordfence, is that WordPress's normal save-time kses sanitization is bypassed because the payload uses only kses-allowed tags/attributes (an <a> element with title and href) and the dangerous attribute-breaking markup is assembled entirely at render time by the plugin's own comment_text filter. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the unauthenticated, no-interaction entry point makes it a practical drive-by injection risk.
Path traversal in Manyfold's file-rename functionality (versions 0.96.0 through 0.139.x) lets an authenticated user move or write files outside the configured 3D-model library directory. The flaw stems from app/models/model_file.rb passing a user-controlled filename straight into File.join(model.path, filename) without stripping '..' sequences, giving low-privileged users write/overwrite primitives on the host filesystem. No public exploit identified at time of analysis, but the upstream fix commit and its test cases plainly demonstrate the traversal, and the issue is resolved in 0.140.0.
Build-time SSRF, remote file inclusion, and local file inclusion in Microsoft Kiota before 1.32.5 lets an attacker-controlled OpenAPI description force the `kiota generate` command to fetch arbitrary remote http(s) URLs and read local absolute or out-of-tree file paths while resolving $ref values. Because Kiota inlined those external schemas into generated clients, an attacker could exfiltrate internal endpoints or leak local file contents (e.g. REMOTE_KIOTA_PROP-style properties) into produced code. No public exploit has been identified at time of analysis; the risk is developer/CI-toolchain oriented and requires a developer to run generation against a malicious or influenced description (CVSS 7.1).
Local privilege escalation to arbitrary code execution affects Lenovo App Store, a software-distribution client shipped exclusively on Lenovo devices in the Chinese market. A local authenticated user who can interact with the application can leverage its excessive privileges (CWE-250) to run arbitrary code at an elevated privilege level, with high confidentiality, integrity, and availability impact on the host. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so no active exploitation is confirmed.
Local code execution in Lenovo App Store (Chinese-market distribution only) lets an authenticated local user abuse a path traversal weakness to write or load files outside intended directories and run arbitrary code. The flaw was self-reported by Lenovo and carries a CVSS 4.0 base score of 7.0; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Impact is high to confidentiality, integrity, and availability of the local system, but exploitation requires existing low-privilege local access plus user interaction.
Arbitrary file write via path traversal in Microsoft Kiota (OpenAPI HTTP client/plugin code generator) before 1.32.5 allows a malicious repository or pull request to place files outside the workspace root on a developer or CI host. The tool trusts the checked-in .kiota/workspace.json and honors attacker-controlled per-client and per-plugin outputPath values during 'kiota client generate' and 'kiota plugin generate' without validating them. No public exploit identified at time of analysis and the flaw is not in CISA KEV, but exploitation is realistic in CI/pull-request workflows since it only requires a developer to run generation against poisoned config.