Export limit exceeded: 344908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-24967 | 1 Wordpress | 1 Wordpress | 2026-04-16 | 5.3 Medium |
| Missing Authorization vulnerability in ameliabooking Amelia ameliabooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Amelia: from n/a through <= 1.2.38. | ||||
| CVE-2026-24982 | 2 Brainstormforce, Wordpress | 2 Spectra, Wordpress | 2026-04-16 | 5.3 Medium |
| Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through <= 2.19.17. | ||||
| CVE-2026-24984 | 1 Wordpress | 1 Wordpress | 2026-04-16 | 6.5 Medium |
| Missing Authorization vulnerability in Brecht Visual Link Preview visual-link-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visual Link Preview: from n/a through <= 2.2.9. | ||||
| CVE-2026-24986 | 2 Wordpress, Wp.insider | 2 Wordpress, Simple Membership Wp User Import | 2026-04-16 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in wp.insider Simple Membership WP user Import simple-membership-wp-user-import allows Cross Site Request Forgery.This issue affects Simple Membership WP user Import: from n/a through <= 1.9.1. | ||||
| CVE-2026-24990 | 2 Fahad Mahmood, Wordpress | 2 Wp Docs, Wordpress | 2026-04-16 | 5.4 Medium |
| Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through <= 2.2.8. | ||||
| CVE-2026-24991 | 1 Wordpress | 1 Wordpress | 2026-04-16 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extensions For CF7: from n/a through <= 3.4.0. | ||||
| CVE-2026-24992 | 2 Wordpress, Wpfactory | 2 Wordpress, Advanced Woocommerce Product Sales Reporting | 2026-04-16 | 5.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statistics allows Retrieve Embedded Sensitive Data.This issue affects Advanced WooCommerce Product Sales Reporting: from n/a through <= 4.1.2. | ||||
| CVE-2026-24994 | 2 Sunshinephotocart, Wordpress | 2 Sunshine Photo Cart, Wordpress | 2026-04-16 | 5.3 Medium |
| Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.5.7.2. | ||||
| CVE-2026-39305 | 2 Mervinpraison, Praison | 2 Praisonai, Praisonai | 2026-04-16 | 9 Critical |
| PraisonAI is a multi-agent teams system. Prior to 1.5.113, the Action Orchestrator feature contains a Path Traversal vulnerability that allows an attacker (or compromised agent) to write to arbitrary files outside of the configured workspace directory. By supplying relative path segments (../) in the target path, malicious actions can overwrite sensitive system files or drop executable payloads on the host. This vulnerability is fixed in 1.5.113. | ||||
| CVE-2026-39306 | 2 Mervinpraison, Praison | 2 Praisonai, Praisonai | 2026-04-16 | 7.3 High |
| PraisonAI is a multi-agent teams system. Prior to 1.5.113, PraisonAI's recipe registry pull flow extracts attacker-controlled .praison tar archives with tar.extractall() and does not validate archive member paths before extraction. A malicious publisher can upload a recipe bundle that contains ../ traversal entries and any user who later pulls that recipe will write files outside the output directory they selected. This is a path traversal / arbitrary file write vulnerability on the client side of the recipe registry workflow. It affects both the local registry pull path and the HTTP registry pull path. The checksum verification does not prevent exploitation because the malicious traversal payload is part of the signed bundle itself. This vulnerability is fixed in 1.5.113. | ||||
| CVE-2026-40960 | 2026-04-16 | 8.1 High | ||
| Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trusted_mods or secure.http_mods, then a crafted mod can intercept the request for the insecure environment or HTTP API, and also receive access to it. | ||||
| CVE-2026-40959 | 2026-04-16 | 9.3 Critical | ||
| Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod. | ||||
| CVE-2026-39307 | 2 Mervinpraison, Praison | 2 Praisonai, Praisonai | 2026-04-16 | 8.1 High |
| PraisonAI is a multi-agent teams system. Prior to 1.5.113, The PraisonAI templates installation feature is vulnerable to a "Zip Slip" Arbitrary File Write attack. When downloading and extracting template archives from external sources (e.g., GitHub), the application uses Python's zipfile.extractall() without verifying if the files within the archive resolve outside of the intended extraction directory. This vulnerability is fixed in 1.5.113. | ||||
| CVE-2026-40503 | 2026-04-16 | 6.5 Medium | ||
| OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gateway users with chat access to read arbitrary files by supplying path traversal sequences to the /memory show slash command. Attackers can manipulate the path input parameter to escape the project memory directory and access sensitive files accessible to the OpenHarness process without filesystem containment validation. | ||||
| CVE-2026-40502 | 2026-04-16 | 8.8 High | ||
| OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can execute administrative commands such as /permissions full_auto through remote chat sessions to change permission modes of a running OpenHarness instance without operator authorization. | ||||
| CVE-2026-40499 | 1 Radare | 1 Radare2 | 2026-04-16 | N/A |
| radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars() function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted section names to inject r2 commands that are executed when the idp command processes the file. | ||||
| CVE-2026-39922 | 2 Geonode, Geosolutionsgroup | 2 Geonode, Geonode | 2026-04-16 | 6.3 Medium |
| GeoNode versions 4.4.5 and 5.0.2 (and prior within their respective releases) contain a server-side request forgery vulnerability in the service registration endpoint that allows authenticated attackers to trigger outbound network requests to arbitrary URLs by submitting a crafted service URL during form validation. Attackers can probe internal network targets including loopback addresses, RFC1918 private IP ranges, link-local addresses, and cloud metadata services by exploiting insufficient URL validation in the WMS service handler without private IP filtering or allowlist enforcement. | ||||
| CVE-2026-39921 | 2 Geonode, Geosolutionsgroup | 2 Geonode, Geonode | 2026-04-16 | 6.3 Medium |
| GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability that allows authenticated users with document upload permissions to trigger arbitrary outbound HTTP requests by providing a malicious URL via the doc_url parameter during document upload. Attackers can supply URLs pointing to internal network targets, loopback addresses, RFC1918 addresses, or cloud metadata services to cause the server to make requests to internal resources without SSRF mitigations such as private IP filtering or redirect validation. | ||||
| CVE-2026-39308 | 2 Mervinpraison, Praison | 2 Praisonai, Praisonai | 2026-04-16 | 7.1 High |
| PraisonAI is a multi-agent teams system. Prior to 1.5.113, PraisonAI's recipe registry publish endpoint writes uploaded recipe bundles to a filesystem path derived from the bundle's internal manifest.json before it verifies that the manifest name and version match the HTTP route. A malicious publisher can place ../ traversal sequences in the bundle manifest and cause the registry server to create files outside the configured registry root even though the request is ultimately rejected with HTTP 400. This is an arbitrary file write / path traversal issue on the registry host. It affects deployments that expose the recipe registry publish flow. If the registry is intentionally run without a token, any network client that can reach the service can trigger it. If a token is configured, any user with publish access can still exploit it. This vulnerability is fixed in 1.5.113. | ||||
| CVE-2026-24998 | 2 Wordpress, Wpmudev | 2 Wordpress, Hustle | 2026-04-16 | 5.3 Medium |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through <= 7.8.9.2. | ||||