|
1011
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be exe…
New
|
CWE-352
CWE-862
Origin Validation Error
Missing Authorization
|
CVE-2026-9486
|
2026-05-27 04:37 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1012
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. Th…
New
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-9568
|
2026-05-27 04:37 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1013
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Ruben Garcia GamiPress allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects GamiPress: from n/a through 7.6.3.
New
|
CWE-862
Missing Authorization
|
CVE-2026-24546
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1014
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Nikki Blight QR Redirector allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects QR Redirector: from n/a through 2.0.3.
New
|
CWE-862
Missing Authorization
|
CVE-2026-24545
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1015
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery.
This issue affects Export WP Page to Static HTML/CSS: from n/a through …
New
|
CWE-352
Origin Validation Error
|
CVE-2026-24574
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1016
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery.
This issue affects Organization chart: from n/a through 1.7.5.
New
|
CWE-352
Origin Validation Error
|
CVE-2026-24597
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1017
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Stored XSS.
This issue affects Team Showcase: from n/a through …
New
|
CWE-79
Cross-site Scripting
|
CVE-2025-62745
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1018
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Patterns in the cloud Autoship Cloud for WooCommerce Subscription Products allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue …
New
|
CWE-862
Missing Authorization
|
CVE-2026-24527
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1019
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in Convers Lab WPSubscription allows Cross Site Request Forgery.
This issue affects WPSubscription: from n/a through 1.9.1.
New
|
CWE-352
Origin Validation Error
|
CVE-2026-24554
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1020
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in WPPOOL FlexTable allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects FlexTable: from n/a through 3.24.0.
New
|
CWE-862
Missing Authorization
|
CVE-2026-24582
|
2026-05-27 04:31 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
