CVE Security

The WishList Member plugin for WordPress is vulnerable to Privilege Escalation via Missing Authorization in versions up to and including 3.30.1. This ...

Web


                                    CVE-2026-6419

Lire l'article

high 8.8

29/05/2026

Vulnérabilité high détectée - CVE-2026-6895

The WishList Member plugin for WordPress is vulnerable to Missing Authorization leading to Sensitive Information Disclosure and Privilege Escalation i...

Web


                                    CVE-2026-6895

Lire l'article

high 8.8

29/05/2026

Vulnérabilité high détectée - CVE-2026-6897

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember\F...

Web


                                    CVE-2026-6897

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-41149

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and earlier, as well as 11.0.0...

Applications Web


                                    CVE-2026-41149

Lire l'article

high 8.8

29/05/2026

Vulnérabilité high détectée - CVE-2026-41075

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.0 through 5.0.9 and 6.0.0 through 6.0.2 contain an SQL injection...

Web


                                    CVE-2026-41075

Lire l'article

high 8.7

29/05/2026

Vulnérabilité high détectée - CVE-2026-41147

NukeViet CMS is a multi Content Management System. Versions 4.5.07 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability caused by insuf...

Web


                                    CVE-2026-41147

Lire l'article

high 7.1

29/05/2026

Vulnérabilité high détectée - CVE-2026-41074

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery (CSRF) vuln...

Web


                                    CVE-2026-41074

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-40607

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.11.0 through 2.28.1, a Stored XSS vulnerability is caused by incorrect es...

Web


                                    CVE-2026-40607

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-40596

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.11.0 through 2.28.1 allow any authenticated user to inject arbitrary HTML by...

Web


                                    CVE-2026-40596

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-40597

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.28.1 and below, given any pre-existing XSS / HTML injection vulnerability...

Applications Web


                                    CVE-2026-40597

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-39970

TypeBot is a chatbot builder tool. Versions 3.15.2 and prior contain a critical stored XSS vulnerability in the app.typebot.io profile picture upload ...

Applications Web


                                    CVE-2026-39970

Lire l'article

medium 6.1

29/05/2026

Vulnérabilité medium détectée - CVE-2026-27136

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in appl...

Web


                                    CVE-2026-27136

Lire l'article

2 3 4 5 6