|
471
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Taqnix plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to a missing nonce verification in the taqnix_delete_my_account() …
New
|
CWE-352
Origin Validation Error
|
CVE-2026-3565
|
2026-04-24 23:38 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
472
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The Liaison Site Prober plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 1.2.1 via the /wp-json/site-prober/v1/logs REST API endpoint. The permissions_re…
New
|
CWE-862
Missing Authorization
|
CVE-2026-3569
|
2026-04-24 23:38 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
473
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes (iteras-ordering, iteras-signup, iteras-paywall-login, iteras-selfservice) in all versions up to a…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-4078
|
2026-04-24 23:38 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
474
|
6.5 |
MEDIUM
Network
|
dnnsoftware
|
dotnetnuke
|
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. All new installations of DNN 10.x.x - 10.2.1 have the same Host GUID. This does not affec…
Update
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2026-40306
|
2026-04-24 23:29 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
475
|
4.7 |
MEDIUM
Network
|
oracle
|
applications_framework
|
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulner…
New
|
CWE-284
Improper Access Control
|
CVE-2026-34298
|
2026-04-24 23:29 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
476
|
6.5 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_fin_maintenance_management
|
Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). The supported version that is affected is 9.2. Easily exploita…
New
|
CWE-284
Improper Access Control
|
CVE-2026-34299
|
2026-04-24 23:28 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
477
|
6.5 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_fin_maintenance_management
|
Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). The supported version that is affected is 9.2. Easily exploita…
New
|
CWE-284
Improper Access Control
|
CVE-2026-34301
|
2026-04-24 23:28 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
478
|
5.5 |
MEDIUM
Network
|
oracle
|
workflow
|
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Workflow Loader). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows…
New
|
CWE-284
Improper Access Control
|
CVE-2026-34302
|
2026-04-24 23:27 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
479
|
7.5 |
HIGH
Network
|
oracle
|
weblogic_server
|
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0…
New
|
CWE-200
Information Exposure
|
CVE-2026-34305
|
2026-04-24 23:27 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
480
|
6.5 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_fin_project_costing
|
Vulnerability in the PeopleSoft Enterprise FIN Project Costing product of Oracle PeopleSoft (component: Projects). The supported version that is affected is 9.2. Easily exploitable vulnerability al…
New
|
CWE-284
Improper Access Control
|
CVE-2026-34306
|
2026-04-24 23:26 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
