๐จ CVE-2026-23769
lucy-xss-filter before commit e5826c0 allows an attacker to execute malicious JavaScript due to improper sanitization caused by misconfigured default superset rule files.
๐@cveNotify
lucy-xss-filter before commit e5826c0 allows an attacker to execute malicious JavaScript due to improper sanitization caused by misconfigured default superset rule files.
๐@cveNotify
๐จ CVE-2025-14757
The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9 only when used in combination with Cost Calculator Builder PRO. This is due to the complete_payment AJAX action being registered via wp_ajax_nopriv, making it accessible to unauthenticated users, and the complete() function only verifying a nonce without checking user capabilities or order ownership. Since nonces are exposed to all visitors via window.ccb_nonces in the page source, any unauthenticated attacker can mark any order's payment status as "completed" without actual payment.
๐@cveNotify
The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9 only when used in combination with Cost Calculator Builder PRO. This is due to the complete_payment AJAX action being registered via wp_ajax_nopriv, making it accessible to unauthenticated users, and the complete() function only verifying a nonce without checking user capabilities or order ownership. Since nonces are exposed to all visitors via window.ccb_nonces in the page source, any unauthenticated attacker can mark any order's payment status as "completed" without actual payment.
๐@cveNotify
๐จ CVE-2025-14844
The Membership Plugin โ Restrict Content plugin for WordPress is vulnerable to Missing Authentication in all versions up to, and including, 3.2.16 via the 'rcp_stripe_create_setup_intent_for_saved_card' function due to missing capability check. Additionally, the plugin does not check a user-controlled key, which makes it possible for unauthenticated attackers to leak Stripe SetupIntent client_secret values for any membership.
๐@cveNotify
The Membership Plugin โ Restrict Content plugin for WordPress is vulnerable to Missing Authentication in all versions up to, and including, 3.2.16 via the 'rcp_stripe_create_setup_intent_for_saved_card' function due to missing capability check. Additionally, the plugin does not check a user-controlled key, which makes it possible for unauthenticated attackers to leak Stripe SetupIntent client_secret values for any membership.
๐@cveNotify
cwe.mitre.org
CWE -
CWE-639: Authorization Bypass Through User-Controlled Key (4.19.1)
CWE-639: Authorization Bypass Through User-Controlled Key (4.19.1)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
๐จ CVE-2025-59870
HCL MyXalytics is affected by improper management of a static JWT signing secret in the web application, where the secret lacks rotation , introducing a security risk
๐@cveNotify
HCL MyXalytics is affected by improper management of a static JWT signing secret in the web application, where the secret lacks rotation , introducing a security risk
๐@cveNotify
Hcl-Software
Security Bulletin : HCL MyXalytics v6.7 is affected by improper management of a static JWT signing secret - Customer Support
HCL MyXalytics v6.7 is affected by improper management of a static JWT signing secret.
๐จ CVE-2025-14894
Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed via the /storage/ URL if a commonly performed setup process within Laravel applications has been completed.
๐@cveNotify
Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed via the /storage/ URL if a commonly performed setup process within Laravel applications has been completed.
๐@cveNotify
GitHub
GitHub - livewire-filemanager/filemanager: A simple, friendly and practical Livewire filemanager for your applications
A simple, friendly and practical Livewire filemanager for your applications - livewire-filemanager/filemanager
๐จ CVE-2026-0612
The Librarian contains a information leakage vulnerability through the `web_fetch` tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions of TheLibrarian.
๐@cveNotify
The Librarian contains a information leakage vulnerability through the `web_fetch` tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions of TheLibrarian.
๐@cveNotify
mindgard.ai
TheLibrarian.io's AI Security Is Checked Out, and Their Disclosure Response - Mindgard
The Mindgard platform identified high severity vulnerabilities in TheLibrarian.io platform
๐จ CVE-2026-0613
The Librarian contains an internal port scanning vulnerability, facilitated by the `web_fetch` tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has fixed the vulnerability in all affected versions.
๐@cveNotify
The Librarian contains an internal port scanning vulnerability, facilitated by the `web_fetch` tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has fixed the vulnerability in all affected versions.
๐@cveNotify
mindgard.ai
TheLibrarian.io's AI Security Is Checked Out, and Their Disclosure Response - Mindgard
The Mindgard platform identified high severity vulnerabilities in TheLibrarian.io platform
๐จ CVE-2026-0615
The Librarian `supervisord` status page can be retrieved by the `web_fetch` tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions.
๐@cveNotify
The Librarian `supervisord` status page can be retrieved by the `web_fetch` tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions.
๐@cveNotify
mindgard.ai
TheLibrarian.io's AI Security Is Checked Out, and Their Disclosure Response - Mindgard
The Mindgard platform identified high severity vulnerabilities in TheLibrarian.io platform
๐จ CVE-2026-0616
TheLibrarians web_fetch tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backend system. The vendor has fixed the vulnerability in all affected versions.
๐@cveNotify
TheLibrarians web_fetch tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backend system. The vendor has fixed the vulnerability in all affected versions.
๐@cveNotify
mindgard.ai
TheLibrarian.io's AI Security Is Checked Out, and Their Disclosure Response - Mindgard
The Mindgard platform identified high severity vulnerabilities in TheLibrarian.io platform
๐จ CVE-2025-15104
Nu Html Checker (validator.nu) contains a restriction bypass that allows remote attackers to make the server perform arbitrary HTTP/HTTPS requests to internal resources, including localhost services. While the validator implements hostname-based protections to block direct access to localhost and 127.0.0.1, these controls can be bypassed using DNS rebinding techniques or domains that resolve to loopback addresses.This issue affects The Nu Html Checker (vnu): latest (commit 23f090a11bab8d0d4e698f1ffc197a4fe226a9cd).
๐@cveNotify
Nu Html Checker (validator.nu) contains a restriction bypass that allows remote attackers to make the server perform arbitrary HTTP/HTTPS requests to internal resources, including localhost services. While the validator implements hostname-based protections to block direct access to localhost and 127.0.0.1, these controls can be bypassed using DNS rebinding techniques or domains that resolve to loopback addresses.This issue affects The Nu Html Checker (vnu): latest (commit 23f090a11bab8d0d4e698f1ffc197a4fe226a9cd).
๐@cveNotify
Fluidattacks
Nu Html Checker (validator.nu) - Restriction bypass vulnerability allowing local SSRF | Fluid Attacks
CVE-2025-15104: Nu Html Checker (validator.nu) contains a restriction bypass that allows remote attackers to make the server perform arbitrary HTTP/HTTPS requests to internal resources.
๐จ CVE-2025-70298
GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmx_parse_tags function.
๐@cveNotify
GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmx_parse_tags function.
๐@cveNotify
GitHub
POC/dmx_ogg/GPAC_oggdmx_parse_tags_offbyone.md at main ยท zakkanijia/POC
Contribute to zakkanijia/POC development by creating an account on GitHub.
๐จ CVE-2025-70304
A buffer overflow in the vobsub_get_subpic_duration() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet.
๐@cveNotify
A buffer overflow in the vobsub_get_subpic_duration() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet.
๐@cveNotify
GitHub
POC/gpac_vobsub/GPAC_vobsub.md at main ยท zakkanijia/POC
Contribute to zakkanijia/POC development by creating an account on GitHub.
๐จ CVE-2025-70305
A stack overflow in the dmx_saf function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .saf file.
๐@cveNotify
A stack overflow in the dmx_saf function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .saf file.
๐@cveNotify
GitHub
POC/gpac_saf/GPAC_SAF.md at main ยท zakkanijia/POC
Contribute to zakkanijia/POC development by creating an account on GitHub.
๐จ CVE-2025-70308
An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .gsf file.
๐@cveNotify
An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .gsf file.
๐@cveNotify
GitHub
POC/gpac_gsf/GPAC_gsf.md at main ยท zakkanijia/POC
Contribute to zakkanijia/POC development by creating an account on GitHub.
๐1
๐จ CVE-2025-70309
A stack overflow in the pcmreframe_flush_packet function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted WAV file.
๐@cveNotify
A stack overflow in the pcmreframe_flush_packet function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted WAV file.
๐@cveNotify
GitHub
POC/gpac_rawpcm/GPAC_RFPCM.md at main ยท zakkanijia/POC
Contribute to zakkanijia/POC development by creating an account on GitHub.
๐จ CVE-2025-70310
A heap overflow in the vorbis_to_intern() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .ogg file.
๐@cveNotify
A heap overflow in the vorbis_to_intern() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .ogg file.
๐@cveNotify
GitHub
POC/gpac_dec_vorbis/GPAC_VORBIS.md at main ยท zakkanijia/POC
Contribute to zakkanijia/POC development by creating an account on GitHub.
๐จ CVE-2017-1000226
Stop User Enumeration 1.3.8 allows user enumeration via the REST API
๐@cveNotify
Stop User Enumeration 1.3.8 allows user enumeration via the REST API
๐@cveNotify
Dxw
Stop User Enumeration allows user enumeration via the REST API โ dxw advisories
dxw advisory: Stop User Enumeration allows user enumeration via the REST API (fixed) - July 25, 2017
๐จ CVE-2017-18536
The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS.
๐@cveNotify
The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS.
๐@cveNotify
WordPress.org
Stop User Enumeration
Helps secure your site against hacking attacks through detecting User Enumeration
๐จ CVE-2020-25760
Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database.
๐@cveNotify
Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database.
๐@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
๐จ CVE-2020-25761
Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not perform input validation on the request parameters. An attacker can inject javascript payloads in the parameters to perform various attacks such as stealing of cookies,sensitive information etc.
๐@cveNotify
Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not perform input validation on the request parameters. An attacker can inject javascript payloads in the parameters to perform various attacks such as stealing of cookies,sensitive information etc.
๐@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
๐จ CVE-2021-24767
The Redirect 404 Error Page to Homepage or Custom Page with Logs WordPress plugin before 1.7.9 does not check for CSRF when deleting logs, which could allow attacker to make a logged in admin delete them via a CSRF attack
๐@cveNotify
The Redirect 404 Error Page to Homepage or Custom Page with Logs WordPress plugin before 1.7.9 does not check for CSRF when deleting logs, which could allow attacker to make a logged in admin delete them via a CSRF attack
๐@cveNotify
WPScan
Redirect 404 Error Page to Homepage or Custom Page with Logs < 1.7.9 - Log Deletion via CSRF
See details on Redirect 404 Error Page to Homepage or Custom Page with Logs < 1.7.9 - Log Deletion via CSRF CVE 2021-24767. View the latest Plugin Vulnerabilities on WPScan.