|
2431
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Weak Authentication vulnerability in PickPlugins User Verification user-verification allows Authentication Abuse.This issue affects User Verification: from n/a through <= 2.0.45.
|
CWE-1390
Weak Authentication
|
CVE-2026-32497
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2432
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de autenticación débil en PickPlugins User Verification user-verification permite el abuso de autenticación. Este problema afecta a User Verification: desde n/a hasta <= 2.0.45.
|
CWE-1390
Weak Authentication
|
CVE-2026-32497
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2433
|
7.5 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.Thi…
|
CWE-862
Missing Authorization
|
CVE-2026-32498
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2434
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de Falta de Autorización en Metagauss RegistrationMagic constructor de formularios de registro personalizados con gestor de envíos permite Explotar Niveles de Seguridad de Control de A…
|
CWE-862
Missing Authorization
|
CVE-2026-32498
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2435
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a thro…
|
CWE-89
SQL Injection
|
CVE-2026-32499
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2436
|
9.3 |
CRITICAL
Network
|
-
|
-
|
La vulnerabilidad de Neutralización Inadecuada de Elementos Especiales utilizados en un Comando SQL ('Inyección SQL') en el chatbot QuantumCloud ChatBot permite Inyección SQL Ciega. Este problema afe…
|
CWE-89
SQL Injection
|
CVE-2026-32499
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2437
|
8.1 |
HIGH
Network
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS MetaMax metamax allows PHP Local File Inclusion.This issue affects …
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-32500
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2438
|
8.1 |
HIGH
Network
|
-
|
-
|
Control inadecuado del nombre de fichero para la declaración Include/Require en el programa PHP ('Inclusión Remota de Ficheros PHP') vulnerabilidad en CreativeWS MetaMax metamax permite la Inclusión …
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-32500
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2439
|
7.1 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in wp-configurator WP Configurator Pro wp-configurator-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Configurat…
|
CWE-862
Missing Authorization
|
CVE-2026-32501
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2440
|
7.1 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en wp-configurator WP Configurator Pro wp-configurator-pro permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este proble…
|
CWE-862
Missing Authorization
|
CVE-2026-32501
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
