|
1291
|
8.1 |
HIGH
Network
|
-
|
-
|
Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-40784
|
2026-04-16 01:16 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1292
|
8.1 |
HIGH
Network
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through <= 1…
|
CWE-352
Origin Validation Error
|
CVE-2026-40764
|
2026-04-16 01:16 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1293
|
7.6 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection.This…
|
CWE-89
SQL Injection
|
CVE-2026-40745
|
2026-04-16 01:16 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1294
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio AB Testing: fr…
|
CWE-862
Missing Authorization
|
CVE-2026-40742
|
2026-04-16 01:16 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1295
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Authorization Bypass Through User-Controlled Key vulnerability in VillaTheme COMPE compe-woo-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affect…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-40737
|
2026-04-16 01:16 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1296
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Blocks: from n/a th…
|
CWE-862
Missing Authorization
|
CVE-2026-40728
|
2026-04-16 01:16 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1297
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in DeluxeThemes Userpro allows Cross Site Request Forgery.This issue affects Userpro: from n/a before 5.1.11.
|
CWE-352
Origin Validation Error
|
CVE-2025-53444
|
2026-04-16 01:16 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1298
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnera…
|
CWE-79
Cross-site Scripting
|
CVE-2026-21331
|
2026-04-16 01:14 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1299
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnera…
|
CWE-79
Cross-site Scripting
|
CVE-2026-27243
|
2026-04-16 01:14 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1300
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnera…
|
CWE-79
Cross-site Scripting
|
CVE-2026-27245
|
2026-04-16 01:14 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
