|
1821
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affe…
|
CWE-79
Cross-site Scripting
|
CVE-2026-39575
|
2026-04-25 03:07 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1822
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Arraytics Booktics booktics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booktics: from n/a through <= 1.0.16.
|
CWE-862
Missing Authorization
|
CVE-2026-39585
|
2026-04-25 03:07 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1823
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Insertion of Sensitive Information Into Sent Data vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Retrieve Embedded Sensitive Data.This issue affects RepairBuddy: from n/a throu…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-39586
|
2026-04-25 03:07 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1824
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in nmerii NM Gift Registry and Wishlist Lite nm-gift-registry-and-wishlist-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue …
|
CWE-862
Missing Authorization
|
CVE-2026-39588
|
2026-04-25 03:07 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1825
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Andy Ha DEPART depart-deposit-and-part-payment-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DEPART: from n…
|
CWE-862
Missing Authorization
|
CVE-2026-39592
|
2026-04-25 03:07 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1826
|
- |
|
-
|
-
|
Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a thr…
|
CWE-862
Missing Authorization
|
CVE-2026-39602
|
2026-04-25 03:07 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1827
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through <= 5.7.8.
|
CWE-352
Origin Validation Error
|
CVE-2026-39603
|
2026-04-25 03:07 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1828
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zookatron MyBookTable Bookstore mybooktable allows Stored XSS.This issue affects MyBookTable Book…
|
CWE-79
Cross-site Scripting
|
CVE-2026-39604
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1829
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: fro…
|
CWE-862
Missing Authorization
|
CVE-2026-39605
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1830
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through <= 1.5.1…
|
CWE-862
Missing Authorization
|
CVE-2026-39606
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
