CVE-2026-20462 - Telephony Heap Buffer Overflow Privilege Escalation
CVE ID :CVE-2026-20462
Published : July 1, 2026, 3:14 a.m. | 16 minutes ago
Description :In Telephony, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS11006447; Issue ID: MSV-7871.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-20462
Published : July 1, 2026, 3:14 a.m. | 16 minutes ago
Description :In Telephony, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS11006447; Issue ID: MSV-7871.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-20463 - Modem Privilege Escalation via Permissions Bypass
CVE ID :CVE-2026-20463
Published : July 1, 2026, 3:14 a.m. | 16 minutes ago
Description :In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01716533; Issue ID: MSV-6309.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-20463
Published : July 1, 2026, 3:14 a.m. | 16 minutes ago
Description :In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01716533; Issue ID: MSV-6309.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12090 - Taskbuilder <= 5.0.8 - Authenticated (Subscriber+) SQL Injection via 'wppm_proj_filter' Parameter
CVE ID :CVE-2026-12090
Published : July 1, 2026, 3:43 a.m. | 3 hours, 47 minutes ago
Description :The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to generic SQL Injection via the 'wppm_proj_filter' parameter in all versions up to, and including, 5.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. No nonce verification is performed on the wp_ajax_wppm_view_project_tasks handler, meaning any authenticated session — including subscriber-level — can reach the vulnerable code path without any additional preconditions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12090
Published : July 1, 2026, 3:43 a.m. | 3 hours, 47 minutes ago
Description :The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to generic SQL Injection via the 'wppm_proj_filter' parameter in all versions up to, and including, 5.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. No nonce verification is performed on the wp_ajax_wppm_view_project_tasks handler, meaning any authenticated session — including subscriber-level — can reach the vulnerable code path without any additional preconditions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12135 - FV Flowplayer Video Player <= 7.5.51.7212 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'video_player' Shortcode
CVE ID :CVE-2026-12135
Published : July 1, 2026, 3:43 a.m. | 3 hours, 47 minutes ago
Description :The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'video_player' shortcode 'align' attribute in all versions up to, and including, 7.5.51.7212 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12135
Published : July 1, 2026, 3:43 a.m. | 3 hours, 47 minutes ago
Description :The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'video_player' shortcode 'align' attribute in all versions up to, and including, 7.5.51.7212 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-58518 - Mediawiki RedirectManager Extension CSRF
CVE ID :CVE-2026-58518
Published : July 1, 2026, 3:52 a.m. | 3 hours, 39 minutes ago
Description :Cross-Site request forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - RedirectManager Extension allows Cross Site Request Forgery. This issue affects Mediawiki - RedirectManager Extension: from * before 1.3.3.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-58518
Published : July 1, 2026, 3:52 a.m. | 3 hours, 39 minutes ago
Description :Cross-Site request forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - RedirectManager Extension allows Cross Site Request Forgery. This issue affects Mediawiki - RedirectManager Extension: from * before 1.3.3.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-58519 - Stored XSS through Cargo's map format
CVE ID :CVE-2026-58519
Published : July 1, 2026, 3:59 a.m. | 3 hours, 31 minutes ago
Description :Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS. This issue affects Mediawiki - Cargo Extension: from * before 3.9.1.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-58519
Published : July 1, 2026, 3:59 a.m. | 3 hours, 31 minutes ago
Description :Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS. This issue affects Mediawiki - Cargo Extension: from * before 3.9.1.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-7517 - Custom Payment Gateways for WooCommerce <= 2.1.0 - Unauthenticated Stored Cross-Site Scripting via 'alg_wc_cpg_input_fields' Parameter
CVE ID :CVE-2026-7517
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The Custom Payment Gateways for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alg_wc_cpg_input_fields' parameter in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability is exploitable by unauthenticated guest users submitting a crafted checkout POST request, requiring no custom input fields to be configured in the plugin.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-7517
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The Custom Payment Gateways for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alg_wc_cpg_input_fields' parameter in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability is exploitable by unauthenticated guest users submitting a crafted checkout POST request, requiring no custom input fields to be configured in the plugin.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12113 - Appointment Booking Calendar <= 1.4.02 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure
CVE ID :CVE-2026-12113
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The Appointment Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.02 via the cpabc_appointments_filter_list. This makes it possible for authenticated attackers, with contributor-level access and above, to extract customer names, email addresses, phone numbers, appointment comments, and other booking personally identifiable information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12113
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The Appointment Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.02 via the cpabc_appointments_filter_list. This makes it possible for authenticated attackers, with contributor-level access and above, to extract customer names, email addresses, phone numbers, appointment comments, and other booking personally identifiable information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2387 - Event Organiser <= 3.12.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via eo_events Shortcode
CVE ID :CVE-2026-2387
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The Event Organiser plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.12.9. This is due to the 'eo_events' shortcode accepting attacker-controlled 'no_events' content and rendering it in event list templates without output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-2387
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The Event Organiser plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.12.9. This is due to the 'eo_events' shortcode accepting attacker-controlled 'no_events' content and rendering it in event list templates without output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-11981 - GiveWP <= 4.15.3 - Cross-Site Request Forgery
CVE ID :CVE-2026-11981
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.15.3 This is due to missing nonce validation on the give_set_notification_status_handler() function. This makes it possible for unauthenticated attackers to disable donation email notifications via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-11981
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.15.3 This is due to missing nonce validation on the give_set_notification_status_handler() function. This makes it possible for unauthenticated attackers to disable donation email notifications via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-11988 - LearnPress <= 4.3.9.1 - Insecure Direct Object Reference to Authenticated (Subscriber+) Sensitive Information Disclosure via 'userId' Parameter
CVE ID :CVE-2026-11988
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.9.1 via the 'userId' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to view the course enrollment progress and completion data belonging to any instructor or administrator account on the site. This IDOR does not apply when the target user is a regular subscriber, as the guard correctly blocks cross-subscriber access; exploitation is limited to cases where the victim user holds the LP_TEACHER_ROLE or administrator role.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-11988
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.9.1 via the 'userId' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to view the course enrollment progress and completion data belonging to any instructor or administrator account on the site. This IDOR does not apply when the target user is a regular subscriber, as the guard correctly blocks cross-subscriber access; exploitation is limited to cases where the victim user holds the LP_TEACHER_ROLE or administrator role.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12127 - WPForms <= 1.10.2 - Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection via Reply-To Display Name
CVE ID :CVE-2026-12127
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences ('CRLF Injection') in all versions up to, and including, 1.10.2 This is due to `get_reply_to_address()` processing the Reply-To display name through smart-tag expansion with context `'notification'` instead of `'notification-reply-to'`, which bypasses email-address validation while `wpforms_sanitize_textarea_field()` intentionally preserves CR/LF characters that are never stripped before the display name is concatenated into the raw `Reply-To:` mail header string. This makes it possible for unauthenticated attackers to inject arbitrary additional email headers — such as `Bcc:` — into outgoing notification emails, silently blind-copying all notification email copies to an attacker-controlled address. Exploitation requires that a form notification is configured to use a Paragraph Text (textarea) field as the Reply-To display name via a Smart Tag.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12127
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences ('CRLF Injection') in all versions up to, and including, 1.10.2 This is due to `get_reply_to_address()` processing the Reply-To display name through smart-tag expansion with context `'notification'` instead of `'notification-reply-to'`, which bypasses email-address validation while `wpforms_sanitize_textarea_field()` intentionally preserves CR/LF characters that are never stripped before the display name is concatenated into the raw `Reply-To:` mail header string. This makes it possible for unauthenticated attackers to inject arbitrary additional email headers — such as `Bcc:` — into outgoing notification emails, silently blind-copying all notification email copies to an attacker-controlled address. Exploitation requires that a form notification is configured to use a Paragraph Text (textarea) field as the Reply-To display name via a Smart Tag.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-6070 - WP-BusinessDirectory <= 4.0.1 - Unauthenticated Arbitrary File Deletion via Path Traversal via '_filename' Parameter
CVE ID :CVE-2026-6070
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The WP-BusinessDirectory plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Deletion in versions up to and including 4.0.1. This is due to insufficient path validation in the remove() method of the JBusinessDirectoryControllerUpload class. The task=upload.remove endpoint is accessible without authentication via the plugin's frontend routing system. The _filename parameter is accepted with RAW filter (no sanitization), and the helper function makePathFile() only normalizes directory separator characters without stripping path traversal sequences (../). When combined with the _path_type=2 parameter, which sets the base directory to the plugin's site folder, an attacker can supply a _filename value containing ../ sequences to traverse outside the plugin directory and call PHP's unlink() on arbitrary files — including wp-config.php, wp-config-backup.php, or other critical server files accessible to the web server process. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-6070
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The WP-BusinessDirectory plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Deletion in versions up to and including 4.0.1. This is due to insufficient path validation in the remove() method of the JBusinessDirectoryControllerUpload class. The task=upload.remove endpoint is accessible without authentication via the plugin's frontend routing system. The _filename parameter is accepted with RAW filter (no sanitization), and the helper function makePathFile() only normalizes directory separator characters without stripping path traversal sequences (../). When combined with the _path_type=2 parameter, which sets the base directory to the plugin's site folder, an attacker can supply a _filename value containing ../ sequences to traverse outside the plugin directory and call PHP's unlink() on arbitrary files — including wp-config.php, wp-config-backup.php, or other critical server files accessible to the web server process. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-11380 - JetWidgets For Elementor <= 1.0.21 - Authenticated (Author+) Stored Cross-Site Scripting via Animated Box 'animation_effect' Setting
CVE ID :CVE-2026-11380
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.21. This is due to insufficient output escaping and missing server-side validation of the Animated Box widget's animation_effect setting before it is rendered inside an HTML class attribute. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-11380
Published : July 1, 2026, 4:32 a.m. | 2 hours, 59 minutes ago
Description :The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.21. This is due to insufficient output escaping and missing server-side validation of the Animated Box widget's animation_effect setting before it is rendered inside an HTML class attribute. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12579 - AS228T - Authentication Bypass Vulnerability
CVE ID :CVE-2026-12579
Published : July 1, 2026, 5:22 a.m. | 2 hours, 8 minutes ago
Description :AS228T with Authentication Bypass Vulnerability
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12579
Published : July 1, 2026, 5:22 a.m. | 2 hours, 8 minutes ago
Description :AS228T with Authentication Bypass Vulnerability
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14193 - DVP80ES300T - Improper Validation of Array Index Vulnerability
CVE ID :CVE-2026-14193
Published : July 1, 2026, 5:30 a.m. | 2 hours ago
Description :DVP80ES300T with Improper Validation of Array Index Vulnerability
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14193
Published : July 1, 2026, 5:30 a.m. | 2 hours ago
Description :DVP80ES300T with Improper Validation of Array Index Vulnerability
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-11823 - BookingPress Appointment Booking Pro <= 5.7.1 - Unauthenticated SQL Injection via 'store_service_date' Parameter
CVE ID :CVE-2026-11823
Published : July 1, 2026, 5:35 a.m. | 1 hour, 56 minutes ago
Description :The BookingPress Appointment Booking Pro plugin for WordPress is vulnerable to SQL Injection via the 'store_service_date' parameter of the bpa_assign_staffmember_to_slots() function in versions up to and including 5.7.1. This is due to the explicit use of stripslashes_deep() on user-supplied POST data before it is interpolated verbatim into a SQL LIKE clause without use of $wpdb->prepare() or any parameterization. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-11823
Published : July 1, 2026, 5:35 a.m. | 1 hour, 56 minutes ago
Description :The BookingPress Appointment Booking Pro plugin for WordPress is vulnerable to SQL Injection via the 'store_service_date' parameter of the bpa_assign_staffmember_to_slots() function in versions up to and including 5.7.1. This is due to the explicit use of stripslashes_deep() on user-supplied POST data before it is interpolated verbatim into a SQL LIKE clause without use of $wpdb->prepare() or any parameterization. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-1239 - Ninja Forms <= 3.14.1 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via token/refresh REST Endpoint
CVE ID :CVE-2026-1239
Published : July 1, 2026, 5:35 a.m. | 1 hour, 56 minutes ago
Description :The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the 'ninja-forms-views/token/refresh' REST callback in all versions up to, and including, 3.14.1. This makes it possible for unauthenticated attackers to view form submissions, which could potentially contain sensitive information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-1239
Published : July 1, 2026, 5:35 a.m. | 1 hour, 56 minutes ago
Description :The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the 'ninja-forms-views/token/refresh' REST callback in all versions up to, and including, 3.14.1. This makes it possible for unauthenticated attackers to view form submissions, which could potentially contain sensitive information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-15666 - Open Asset Import Library Assimp Model File SceneCombiner.cpp Copy heap-based overflow
CVE ID :CVE-2025-15666
Published : July 1, 2026, 5:45 a.m. | 1 hour, 46 minutes ago
Description :A security vulnerability has been detected in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component Model File Handler. Such manipulation of the argument width/height leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. This and similar defects are tracked and handled via issue #6128.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2025-15666
Published : July 1, 2026, 5:45 a.m. | 1 hour, 46 minutes ago
Description :A security vulnerability has been detected in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component Model File Handler. Such manipulation of the argument width/height leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. This and similar defects are tracked and handled via issue #6128.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-10750 - Royal MCP < 1.4.26 - Subscriber+ Insufficient Authorization in MCP Tools
CVE ID :CVE-2026-10750
Published : July 1, 2026, 6 a.m. | 1 hour, 31 minutes ago
Description :The Royal MCP WordPress plugin before 1.4.26 does not perform capability checks on the majority of its MCP tools after token authentication, allowing authenticated users with a low-privileged role such as Subscriber to read private content, enumerate all users and their roles, and create, modify, or delete content owned by other users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-10750
Published : July 1, 2026, 6 a.m. | 1 hour, 31 minutes ago
Description :The Royal MCP WordPress plugin before 1.4.26 does not perform capability checks on the majority of its MCP tools after token authentication, allowing authenticated users with a low-privileged role such as Subscriber to read private content, enumerate all users and their roles, and create, modify, or delete content owned by other users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-11562 - WS Form LITE < 1.11.8 - Subscriber+ Arbitrary Settings Update
CVE ID :CVE-2026-11562
Published : July 1, 2026, 6 a.m. | 1 hour, 31 minutes ago
Description :The WS Form LITE WordPress plugin before 1.11.8 does not have a capability check on one of its settings-update actions, allowing authenticated users with subscriber-level access and above to modify the WS Form LITE WordPress plugin before 1.11.8's settings.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-11562
Published : July 1, 2026, 6 a.m. | 1 hour, 31 minutes ago
Description :The WS Form LITE WordPress plugin before 1.11.8 does not have a capability check on one of its settings-update actions, allowing authenticated users with subscriber-level access and above to modify the WS Form LITE WordPress plugin before 1.11.8's settings.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...