|
3271
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The Liaison Site Prober plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 1.2.1 via the /wp-json/site-prober/v1/logs REST API endpoint. The permissions_re…
|
CWE-862
Missing Authorization
|
CVE-2026-3569
|
2026-04-24 23:38 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3272
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes (iteras-ordering, iteras-signup, iteras-paywall-login, iteras-selfservice) in all versions up to a…
|
CWE-79
Cross-site Scripting
|
CVE-2026-4078
|
2026-04-24 23:38 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3273
|
6.5 |
MEDIUM
Network
|
dnnsoftware
|
dotnetnuke
|
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. All new installations of DNN 10.x.x - 10.2.1 have the same Host GUID. This does not affec…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2026-40306
|
2026-04-24 23:29 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3274
|
4.7 |
MEDIUM
Network
|
oracle
|
applications_framework
|
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulner…
|
CWE-284
Improper Access Control
|
CVE-2026-34298
|
2026-04-24 23:29 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3275
|
6.5 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_fin_maintenance_management
|
Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). The supported version that is affected is 9.2. Easily exploita…
|
CWE-284
Improper Access Control
|
CVE-2026-34299
|
2026-04-24 23:28 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3276
|
6.5 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_fin_maintenance_management
|
Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). The supported version that is affected is 9.2. Easily exploita…
|
CWE-284
Improper Access Control
|
CVE-2026-34301
|
2026-04-24 23:28 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3277
|
5.5 |
MEDIUM
Network
|
oracle
|
workflow
|
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Workflow Loader). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows…
|
CWE-284
Improper Access Control
|
CVE-2026-34302
|
2026-04-24 23:27 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3278
|
7.5 |
HIGH
Network
|
oracle
|
weblogic_server
|
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0…
|
CWE-200
Information Exposure
|
CVE-2026-34305
|
2026-04-24 23:27 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3279
|
6.5 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_fin_project_costing
|
Vulnerability in the PeopleSoft Enterprise FIN Project Costing product of Oracle PeopleSoft (component: Projects). The supported version that is affected is 9.2. Easily exploitable vulnerability al…
|
CWE-284
Improper Access Control
|
CVE-2026-34306
|
2026-04-24 23:26 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3280
|
5.4 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_peopletools
|
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Workflow). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows…
|
CWE-284
Improper Access Control
|
CVE-2026-34307
|
2026-04-24 23:26 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
