Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-862 Clear
ID Title
CVE-2026-12404 Vulnerability in wordpress (CVE-2026-12404)
vulnerability in wordpress (CVE-2026-12404). Risk of unauthorized operations or information disclosure.
CVE-2026-55838 Vulnerability in CVE-2026-55838 (CVE-2026-55838)
vulnerability in CVE-2026-55838 (CVE-2026-55838). Risk of unauthorized operations or information disclosure.
CVE-2026-55189 Vulnerability in CVE-2026-55189 (CVE-2026-55189)
vulnerability in CVE-2026-55189 (CVE-2026-55189). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
CVE-2026-55188 Information Disclosure in CVE-2026-55188 (CVE-2026-55188)
vulnerability in CVE-2026-55188 (CVE-2026-55188). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
CVE-2026-49991 Path Traversal in path-traversal (CVE-2026-49991)
path traversal in path-traversal (CVE-2026-49991). Data can be tampered with by attackers.
CVE-2026-47193 Information Disclosure in CVE-2026-47193 (CVE-2026-47193)
vulnerability in CVE-2026-47193 (CVE-2026-47193). Confidential information can be exposed externally. Mitigation: upgrade to `17.3.3` or later.
CVE-2026-44734 Vulnerability in CVE-2026-44734 (CVE-2026-44734)
vulnerability in CVE-2026-44734 (CVE-2026-44734). Data can be tampered with by attackers. Mitigation: upgrade to `17.3.2` or later.
CVE-2026-57518 Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
CVE-2026-12411 Vulnerability in canonical (CVE-2026-12411)
vulnerability in canonical (CVE-2026-12411). Confidential information can be exposed externally.
CVE-2026-57660 Unauthenticated Broken Access Control in Booking and Rental Manager <= 2.7.1 versions.
Unauthenticated Broken Access Control in Booking and Rental Manager <= 2.7.1 versions.
CVE-2026-57661 Subscriber Broken Access Control in WPComplete <= 2.9.5.5 versions.
Subscriber Broken Access Control in WPComplete <= 2.9.5.5 versions.
CVE-2026-57649 Subscriber Broken Access Control in Shoppable Images Lite <= 1.3 versions.
Subscriber Broken Access Control in Shoppable Images Lite <= 1.3 versions.
CVE-2026-57648 Contributor Broken Access Control in Nelio Content <= 4.3.4 versions.
Contributor Broken Access Control in Nelio Content <= 4.3.4 versions.
CVE-2026-57654 Affiliate Broken Access Control in Affiliates Manager <= 2.9.49 versions.
Affiliate Broken Access Control in Affiliates Manager <= 2.9.49 versions.
CVE-2026-57645 newsletters_subscribers Broken Access Control in Newsletters <= 4.13 versions.
newsletters_subscribers Broken Access Control in Newsletters <= 4.13 versions.
CVE-2026-57640 Subscriber Broken Access Control in MasterStudy LMS <= 3.7.30 versions.
Subscriber Broken Access Control in MasterStudy LMS <= 3.7.30 versions.
CVE-2026-57632 Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend <= 1.19.0 versions.
Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend <= 1.19.0 versions.
CVE-2026-57430 Contributor Broken Access Control in SEOPress PRO <= 9.1.1 versions.
Contributor Broken Access Control in SEOPress PRO <= 9.1.1 versions.
CVE-2026-57323 Unauthenticated Broken Access Control in Flash & HTML5 Video <= 2.11.0 versions.
Unauthenticated Broken Access Control in Flash & HTML5 Video <= 2.11.0 versions.
CVE-2026-57622 Subscriber Broken Access Control in WPCafe <= 3.0.14 versions.
Subscriber Broken Access Control in WPCafe <= 3.0.14 versions.
CVE-2026-57324 Unauthenticated Broken Access Control in GIFT4U <= 1.0.10 versions.
Unauthenticated Broken Access Control in GIFT4U <= 1.0.10 versions.
CVE-2026-56773 Vulnerability in CVE-2026-56773 (CVE-2026-56773)
vulnerability in CVE-2026-56773 (CVE-2026-56773). Successful exploitation can lead to full system takeover. Exploitable via `GET /api/v2/tables/get`.
CVE-2026-56038 Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions.
Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions.
CVE-2026-56063 Unauthenticated Broken Access Control in MailChimp Block <= 1.1.15 versions.
Unauthenticated Broken Access Control in MailChimp Block <= 1.1.15 versions.
CVE-2026-56061 Unauthenticated Broken Access Control in Subscriptions for WooCommerce <= 1.9.5 versions.
Unauthenticated Broken Access Control in Subscriptions for WooCommerce <= 1.9.5 versions.
CVE-2026-56025 Unauthenticated Broken Access Control in Paymob for WooCommerce <= 4.1.2 versions.
Unauthenticated Broken Access Control in Paymob for WooCommerce <= 4.1.2 versions.
CVE-2026-54840 Unauthenticated Broken Access Control in Newsletters <= 4.13 versions.
Unauthenticated Broken Access Control in Newsletters <= 4.13 versions.
CVE-2026-54847 Unauthenticated Broken Access Control in Stylish Cost Calculator <= 8.3.9 versions.
Unauthenticated Broken Access Control in Stylish Cost Calculator <= 8.3.9 versions.
CVE-2026-54837 Vulnerability in CVE-2026-54837 (CVE-2026-54837)
vulnerability in CVE-2026-54837 (CVE-2026-54837). Confidential information can be exposed externally.
CVE-2026-54835 Unauthenticated Broken Access Control in Five Star Restaurant Menu <= 2.5.2 versions.
Unauthenticated Broken Access Control in Five Star Restaurant Menu <= 2.5.2 versions.
CVE-2026-54846 Vulnerability in CVE-2026-54846 (CVE-2026-54846)
vulnerability in CVE-2026-54846 (CVE-2026-54846). Confidential information can be exposed externally.
CVE-2026-52701 Unauthenticated Broken Access Control in User Registration <= 5.2.2 versions.
Unauthenticated Broken Access Control in User Registration <= 5.2.2 versions.
CVE-2026-54832 Unauthenticated Broken Access Control in Gutenverse Companion <= 2.5.0 versions.
Unauthenticated Broken Access Control in Gutenverse Companion <= 2.5.0 versions.
CVE-2026-24547 Unauthenticated Broken Access Control in SiteGround Email Marketing <= 1.7.5 versions.
Unauthenticated Broken Access Control in SiteGround Email Marketing <= 1.7.5 versions.
CVE-2025-64636 Unauthenticated Broken Access Control in Donation Thermometer <= 2.2.7 versions.
Unauthenticated Broken Access Control in Donation Thermometer <= 2.2.7 versions.
CVE-2025-63041 Contributor Broken Access Control in Forget About Shortcode Buttons <= 2.1.3 versions.
Contributor Broken Access Control in Forget About Shortcode Buttons <= 2.1.3 versions.
CVE-2025-63079 Contributor Broken Access Control in Live Copy Paste for Elementor <= 1.5.3 versions.
Contributor Broken Access Control in Live Copy Paste for Elementor <= 1.5.3 versions.
CVE-2025-63078 Subscriber Broken Access Control in Restaurant Menu by MotoPress <= 2.4.11 versions.
Subscriber Broken Access Control in Restaurant Menu by MotoPress <= 2.4.11 versions.
CVE-2026-57923 Vulnerability in jetbrains (CVE-2026-57923)
vulnerability in jetbrains (CVE-2026-57923). Data can be tampered with by attackers.
CVE-2026-57921 Vulnerability in jetbrains (CVE-2026-57921)
vulnerability in jetbrains (CVE-2026-57921). Risk of unauthorized operations or information disclosure.
CVE-2026-57922 In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible
CVE-2026-57925 Vulnerability in jetbrains (CVE-2026-57925)
vulnerability in jetbrains (CVE-2026-57925). Risk of unauthorized operations or information disclosure.
CVE-2026-1869 Vulnerability in wordpress (CVE-2026-1869)
vulnerability in wordpress (CVE-2026-1869). Risk of unauthorized operations or information disclosure.
CVE-2026-57520 Vulnerability in privilege-escalation (CVE-2026-57520)
vulnerability in privilege-escalation (CVE-2026-57520). Data can be tampered with by attackers.
CVE-2026-2299 Vulnerability in CVE-2026-2299 (CVE-2026-2299)
vulnerability in CVE-2026-2299 (CVE-2026-2299). Risk of unauthorized operations or information disclosure.
CVE-2026-57521 Vulnerability in bitwarden (CVE-2026-57521)
vulnerability in bitwarden (CVE-2026-57521). Risk of unauthorized operations or information disclosure.
CVE-2026-56768 Vulnerability in CVE-2026-56768 (CVE-2026-56768)
vulnerability in CVE-2026-56768 (CVE-2026-56768). Successful exploitation can lead to full system takeover. Exploitable via `GET /api/v2.1/share-link-zip-task/`.
CVE-2026-56767 Vulnerability in CVE-2026-56767 (CVE-2026-56767)
vulnerability in CVE-2026-56767 (CVE-2026-56767). Successful exploitation can lead to full system takeover.
CVE-2026-48941 Vulnerability in joomlaworks (CVE-2026-48941)
vulnerability in joomlaworks (CVE-2026-48941). Risk of unauthorized operations or information disclosure. Exploitable via ``item.checkin``.
CVE-2026-54027 Vulnerability in librechat (CVE-2026-54027)
vulnerability in librechat (CVE-2026-54027). Data can be tampered with by attackers. Exploitable via `POST /api/files/images`. Mitigation: upgrade to `0.8.4-rc1` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →