|
2531
|
6.8 |
MEDIUM
Network
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in icopydoc YML for Yandex Market yml-for-yandex-market allows Path Traversal.This issue affects YML for Y…
|
CWE-22
Path Traversal
|
CVE-2026-32567
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2532
|
6.8 |
MEDIUM
Network
|
-
|
-
|
Limitación Incorrecta de un Nombre de Ruta a un Directorio Restringido ('Salto de Ruta') vulnerabilidad en icopydoc YML para Yandex Market yml-for-yandex-market permite Salto de Ruta. Este problema a…
|
CWE-22
Path Traversal
|
CVE-2026-32567
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2533
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through…
|
CWE-94
Code Injection
|
CVE-2026-32573
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2534
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Control inadecuado de la generación de código ('Inyección de Código') vulnerabilidad en Nelio Software Nelio AB Testing nelio-ab-testing permite la inyección de código. Este problema afecta a Nelio A…
|
CWE-94
Code Injection
|
CVE-2026-32573
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2535
|
8.8 |
HIGH
Network
|
-
|
-
|
The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up…
|
CWE-22
Path Traversal
|
CVE-2026-4758
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2536
|
8.8 |
HIGH
Network
|
-
|
-
|
El plugin WP Job Portal para WordPress es vulnerable a la eliminación arbitraria de archivos debido a una validación insuficiente de la ruta de archivo en la función 'WPJOBPORTALcustomfields::removeF…
|
CWE-22
Path Traversal
|
CVE-2026-4758
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2537
|
8.8 |
HIGH
Network
|
-
|
-
|
The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the…
|
CWE-862
Missing Authorization
|
CVE-2026-4484
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2538
|
8.8 |
HIGH
Network
|
-
|
-
|
El plugin Masteriyo LMS para WordPress es vulnerable a una escalada de privilegios en todas las versiones hasta la 2.1.6, inclusive. Esto se debe a que el plugin permite a un usuario actualizar el ro…
|
CWE-862
Missing Authorization
|
CVE-2026-4484
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2539
|
7.0 |
HIGH
Local
|
-
|
-
|
A vulnerability was detected in Enter Software Iperius Backup up to 8.7.3. Affected is an unknown function of the file C:\ProgramData\IperiusBackup\Jobs\ of the component Backup Service. Performing a…
|
CWE-377
CWE-378
Insecure Temporary File
Creation of Temporary File With Insecure Permissions
|
CVE-2026-4822
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2540
|
7.0 |
HIGH
Local
|
-
|
-
|
Una vulnerabilidad fue detectada en Enter Software Iperius Backup hasta 8.7.3. Afecta a una función desconocida del archivo C:\ProgramData\IperiusBackup\Jobs\ del componente Backup Service. Realizar …
|
CWE-377
CWE-378
Insecure Temporary File
Creation of Temporary File With Insecure Permissions
|
CVE-2026-4822
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
