CVE-2026-44751 - Missing Authorization check in Application Server ABAP of SAP NetWeaver and ABAP Platform
CVE ID :CVE-2026-44751
Published : June 9, 2026, 1:16 a.m. | 1 hour, 48 minutes ago
Description :Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with low impact on availability and no impact on confidentiality of the application.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-44751
Published : June 9, 2026, 1:16 a.m. | 1 hour, 48 minutes ago
Description :Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with low impact on availability and no impact on confidentiality of the application.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-44754 - Missing caller identification check-in for ODP Data Replication APIs
CVE ID :CVE-2026-44754
Published : June 9, 2026, 1:16 a.m. | 1 hour, 48 minutes ago
Description :The Remote Function Call (RFC) modules of the Operational Data Provisioning Data Replication API (ODP-RFC) are missing caller identification of permitted SAP-internal applications and are being used by customer or third-party applications in ways that are not aligned with its intended usage. Which could lead to unintended disclosure of data, but does not affect integrity, and poses minimal availability concerns for the application.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-44754
Published : June 9, 2026, 1:16 a.m. | 1 hour, 48 minutes ago
Description :The Remote Function Call (RFC) modules of the Operational Data Provisioning Data Replication API (ODP-RFC) are missing caller identification of permitted SAP-internal applications and are being used by customer or third-party applications in ways that are not aligned with its intended usage. Which could lead to unintended disclosure of data, but does not affect integrity, and poses minimal availability concerns for the application.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-44755 - Email Spoofing vulnerability in SAP Business Objects Business Intelligence Platform
CVE ID :CVE-2026-44755
Published : June 9, 2026, 1:16 a.m. | 1 hour, 48 minutes ago
Description :SAP Business Objects Business Intelligence Platform does not sufficiently validate email sending parameters supplied by authenticated users, resulting in an email spoofing vulnerability.This vulnerability has a low impact on integrity and does not affect the confidentiality and availability of the application.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-44755
Published : June 9, 2026, 1:16 a.m. | 1 hour, 48 minutes ago
Description :SAP Business Objects Business Intelligence Platform does not sufficiently validate email sending parameters supplied by authenticated users, resulting in an email spoofing vulnerability.This vulnerability has a low impact on integrity and does not affect the confidentiality and availability of the application.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-44757 - Cross-Site Scripting (XSS) vulnerability in SAP Wily Introscope Enterprise Manager
CVE ID :CVE-2026-44757
Published : June 9, 2026, 1:16 a.m. | 1 hour, 48 minutes ago
Description :SAP Wily Introscope Enterprise Manager allows an unauthenticated attacker to craft a specially crafted URL. Under certain conditions, when accessed by a victim, the injected script could execute in the user�s browser within the context of the application. This issue has a low impact on the confidentiality and integrity of the application with no impact on availability.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-44757
Published : June 9, 2026, 1:16 a.m. | 1 hour, 48 minutes ago
Description :SAP Wily Introscope Enterprise Manager allows an unauthenticated attacker to craft a specially crafted URL. Under certain conditions, when accessed by a victim, the injected script could execute in the user�s browser within the context of the application. This issue has a low impact on the confidentiality and integrity of the application with no impact on availability.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8795 - Rapid7 Velociraptor YAML Injection via Hostname
CVE ID :CVE-2026-8795
Published : June 9, 2026, 1:16 a.m. | 1 hour, 48 minutes ago
Description :A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in client_info.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted collection ZIP can leverage literal double quotes and newlines in the hostname to break out of the YAML quoted string and inject a new mount remapping entry. When an analyst applies the generated remapping file with --remap, arbitrary VQL executes on their machine with NullACLManager (all permissions granted, unsandboxed).
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8795
Published : June 9, 2026, 1:16 a.m. | 1 hour, 48 minutes ago
Description :A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in client_info.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted collection ZIP can leverage literal double quotes and newlines in the hostname to break out of the YAML quoted string and inject a new mount remapping entry. When an analyst applies the generated remapping file with --remap, arbitrary VQL executes on their machine with NullACLManager (all permissions granted, unsandboxed).
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-10862 - Accordions <= 2.3.23 - Authenticated (Custom+) Stored Cross-Site Scripting via Accordion Body Field
CVE ID :CVE-2026-10862
Published : June 9, 2026, 2:16 a.m. | 48 minutes ago
Description :The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-10862
Published : June 9, 2026, 2:16 a.m. | 48 minutes ago
Description :The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-41975 - Network Management Module Permission Vulnerability
CVE ID :CVE-2026-41975
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :Permission management vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-41975
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :Permission management vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-41978 - Clone Module Permission Control Vulnerability
CVE ID :CVE-2026-41978
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :Permission control vulnerability in the clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-41978
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :Permission control vulnerability in the clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-41979 - \[Product Name] Print Module Permission Control Vulnerability
CVE ID :CVE-2026-41979
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect integrity and confidentiality.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-41979
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect integrity and confidentiality.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-41980 - CouchDB File Preview Permission Control Vulnerability
CVE ID :CVE-2026-41980
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-41980
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-7662 - ePaperFlip Publisher <= 1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'publicationid' Shortcode Attribute
CVE ID :CVE-2026-7662
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The ePaperFlip Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'publicationid' attribute of the `epaperflip_embed` shortcode in all versions up to, and including, 1. This is due to insufficient input sanitization and output escaping on the shortcode attribute which is injected directly into inline JavaScript. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-7662
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The ePaperFlip Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'publicationid' attribute of the `epaperflip_embed` shortcode in all versions up to, and including, 1. This is due to insufficient input sanitization and output escaping on the shortcode attribute which is injected directly into inline JavaScript. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8499 - Helpfulcrowd Product Reviews <= 1.2.9 - Inccorect Authorization via Type Juggling in 'token' Parameter to Arbitrary Settings Update
CVE ID :CVE-2026-8499
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The Helpfulcrowd Product Reviews plugin for WordPress is vulnerable to Authorization Bypass via PHP Type Juggling in versions up to, and including, 1.2.9. This is due to the `helpfulcrowd_validate_token()` function using a loose comparison operator (`!=`) instead of a strict comparison (`!==`) when validating the `token` parameter, while the corresponding REST route `/wp-json/helpfulcrowd/v1/update-settings` is registered with a `permission_callback` of `__return_true`, making it reachable by unauthenticated users; submitting a JSON boolean `true` as the `token` value causes PHP's loose comparison to evaluate as equal to the non-empty base64-encoded secret string, bypassing the check entirely. This makes it possible for unauthenticated attackers to invoke `helpfulcrowd_settings_endpoint()` and write arbitrary attacker-controlled key-value pairs directly into the `helpfulcrowd_options` WordPress database option via `update_option()` without any sanitization or allowlist filtering, enabling full unauthenticated modification of the plugin's stored configuration.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8499
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The Helpfulcrowd Product Reviews plugin for WordPress is vulnerable to Authorization Bypass via PHP Type Juggling in versions up to, and including, 1.2.9. This is due to the `helpfulcrowd_validate_token()` function using a loose comparison operator (`!=`) instead of a strict comparison (`!==`) when validating the `token` parameter, while the corresponding REST route `/wp-json/helpfulcrowd/v1/update-settings` is registered with a `permission_callback` of `__return_true`, making it reachable by unauthenticated users; submitting a JSON boolean `true` as the `token` value causes PHP's loose comparison to evaluate as equal to the non-empty base64-encoded secret string, bypassing the check entirely. This makes it possible for unauthenticated attackers to invoke `helpfulcrowd_settings_endpoint()` and write arbitrary attacker-controlled key-value pairs directly into the `helpfulcrowd_options` WordPress database option via `update_option()` without any sanitization or allowlist filtering, enabling full unauthenticated modification of the plugin's stored configuration.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8841 - Extra Settings for RocketChat <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
CVE ID :CVE-2026-8841
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The Extra Settings for RocketChat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rocketchat' shortcode's 'title' attribute in versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping in the rxstg_shortcode() function, which concatenates the user-supplied 'title' attribute directly into HTML output. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8841
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The Extra Settings for RocketChat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rocketchat' shortcode's 'title' attribute in versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping in the rxstg_shortcode() function, which concatenates the user-supplied 'title' attribute directly into HTML output. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8880 - RomanCart Ecommerce <= 2.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
CVE ID :CVE-2026-8880
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The RomanCart Ecommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blclass' attribute (and other attributes) of the romancart_button shortcode in versions up to, and including, 2.0.8. This is due to insufficient input sanitization and output escaping on user supplied attributes within the romancart_button_shortcode() function. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8880
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The RomanCart Ecommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blclass' attribute (and other attributes) of the romancart_button shortcode in versions up to, and including, 2.0.8. This is due to insufficient input sanitization and output escaping on user supplied attributes within the romancart_button_shortcode() function. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8882 - WP ApplicantStack Jobs Display <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
CVE ID :CVE-2026-8882
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The WP ApplicantStack Jobs Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8882
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The WP ApplicantStack Jobs Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8883 - Global Body Mass Index Calculator <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
CVE ID :CVE-2026-8883
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The Global Body Mass Index Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gbmicalc' shortcode in versions up to, and including, 1.2. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes in the GBMI_Calc_Widget::widget() function. Shortcode attributes are extracted directly into local variables via @extract($args) and then echoed unescaped into an HTML style attribute (height/width) and HTML body context (title), allowing attribute-breakout payloads. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8883
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The Global Body Mass Index Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gbmicalc' shortcode in versions up to, and including, 1.2. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes in the GBMI_Calc_Widget::widget() function. Shortcode attributes are extracted directly into local variables via @extract($args) and then echoed unescaped into an HTML style attribute (height/width) and HTML body context (title), allowing attribute-breakout payloads. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8895 - kk blog card <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
CVE ID :CVE-2026-8895
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The kk blog card plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'blog-card' shortcode in all versions up to, and including, 1.3. This is due to insufficient input sanitization and output escaping on the shortcode's 'href' and 'type' attributes, which are concatenated directly into HTML attribute contexts in the shortcode callback registered in kk-blog-card-shortcode.php. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8895
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The kk blog card plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'blog-card' shortcode in all versions up to, and including, 1.3. This is due to insufficient input sanitization and output escaping on the shortcode's 'href' and 'type' attributes, which are concatenated directly into HTML attribute contexts in the shortcode callback registered in kk-blog-card-shortcode.php. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8902 - AJAX Report Comments <= 2.0.4 - Cross-Site Request Forgery to Settings Update
CVE ID :CVE-2026-8902
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The AJAX Report Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect nonce validation on the rc_options_page function. This makes it possible for unauthenticated attackers to modify plugin settings including link text and markup, success/failure/already-reported messages, comment threshold, cookie duration, reporter-comment toggle, and notification email address, subject, and message body via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8902
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The AJAX Report Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect nonce validation on the rc_options_page function. This makes it possible for unauthenticated attackers to modify plugin settings including link text and markup, success/failure/already-reported messages, comment threshold, cookie duration, reporter-comment toggle, and notification email address, subject, and message body via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8904 - FastPicker, an order picker and order management system (oms) for WooCommerce on steroids <= 1.0.2 - Cross-Site Request Forgery via Settings Save
CVE ID :CVE-2026-8904
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The FastPicker, an order picker and order management system (oms) for WooCommerce on steroids plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the settingsPage function. This makes it possible for unauthenticated attackers to modify the plugin's settings, including toggling the webhook integration and changing the FastPicker and KDZ API URLs via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8904
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The FastPicker, an order picker and order management system (oms) for WooCommerce on steroids plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the settingsPage function. This makes it possible for unauthenticated attackers to modify the plugin's settings, including toggling the webhook integration and changing the FastPicker and KDZ API URLs via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8907 - WP-Ultimate-Map <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'zoom-level' Parameter
CVE ID :CVE-2026-8907
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The WP-Ultimate-Map plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing nonce validation on the process_init() function hooked to admin_init, which saves plugin settings (zoom-level, focus-lat, focus-lng, sel_places, sel_routes) via update_option() based solely on the presence of a save-setting POST parameter. Additionally, the saved values — particularly zoom-level — are stored without sanitization and later echoed into an HTML attribute (and inline JavaScript) on the settings page without escaping. This makes it possible for unauthenticated attackers to change plugin settings and inject arbitrary web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8907
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The WP-Ultimate-Map plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing nonce validation on the process_init() function hooked to admin_init, which saves plugin settings (zoom-level, focus-lat, focus-lng, sel_places, sel_routes) via update_option() based solely on the presence of a save-setting POST parameter. Additionally, the saved values — particularly zoom-level — are stored without sanitization and later echoed into an HTML attribute (and inline JavaScript) on the settings page without escaping. This makes it possible for unauthenticated attackers to change plugin settings and inject arbitrary web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8909 - WpMobi <= 0.0.3 - Cross-Site Request Forgery via save_general_settings Action
CVE ID :CVE-2026-8909
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The WpMobi plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.3. This is due to missing or incorrect nonce validation on the handleSaveGeneralSettings function. This makes it possible for unauthenticated attackers to modify the plugin's General Settings and inject arbitrary web scripts into the administrator's browser via the unescaped app_name attribute reflection via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. The injected script executes even when the supplied app_name value fails validation and is not persisted to the database, because the form is re-rendered with the attacker-supplied in-memory value on validation failure.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8909
Published : June 9, 2026, 5:16 a.m. | 1 hour, 48 minutes ago
Description :The WpMobi plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.3. This is due to missing or incorrect nonce validation on the handleSaveGeneralSettings function. This makes it possible for unauthenticated attackers to modify the plugin's General Settings and inject arbitrary web scripts into the administrator's browser via the unescaped app_name attribute reflection via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. The injected script executes even when the supplied app_name value fails validation and is not persisted to the database, because the form is re-rendered with the attacker-supplied in-memory value on validation failure.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...