|
2021
|
4.9 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects B2BKing: from n/a before 5.2.10.
|
CWE-862
Missing Authorization
|
CVE-2026-27346
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2022
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects WP Search Analytics: from n/a befor…
|
CWE-862
Missing Authorization
|
CVE-2026-27357
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2023
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects RSVP and Event Management: from …
|
CWE-862
Missing Authorization
|
CVE-2026-27398
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2024
|
7.2 |
HIGH
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection.
This issue affects Broadcast Live Video: from n/a before 7.1.3.
|
CWE-94
Code Injection
|
CVE-2026-24937
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2025
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Linethemes NanoCare allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects NanoCare: from n/a before 1.2.2.
|
CWE-862
Missing Authorization
|
CVE-2026-32389
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2026
|
7.1 |
HIGH
Network
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in bgermann CformsII allows Cross Site Request Forgery.
This issue affects CformsII: from n/a through 15.1.3.
|
CWE-352
Origin Validation Error
|
CVE-2026-39436
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2027
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in SePay team SePay Gateway allows Retrieve Embedded Sensitive Data.
This issue affects SePay Gateway: from n/a through 1.1.20.
|
CWE-862
Missing Authorization
|
CVE-2026-42763
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2028
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection.
This issue affects eMagicOne Store…
|
CWE-89
SQL Injection
|
CVE-2026-42773
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2029
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetEngine allows SQL Injection.
This issue affects JetEngine: from n/a through 3.8.8.…
|
CWE-89
SQL Injection
|
CVE-2026-42774
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2030
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Sunshine Photo Cart: from n/a throu…
|
CWE-862
Missing Authorization
|
CVE-2026-42776
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
