|
2301
|
7.5 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from …
|
CWE-862
Missing Authorization
|
CVE-2026-25401
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2302
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de falta de autorización en Arni Cinco WPCargo Track & Trace wpcargo permite la explotación de niveles de seguridad de control de acceso incorrectamente configurados. Este problema…
|
CWE-862
Missing Authorization
|
CVE-2026-25401
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2303
|
8.8 |
HIGH
Network
|
-
|
-
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in Themeum Tutor LMS Pro tutor-pro allows Authentication Abuse.This issue affects Tutor LMS Pro: from n/a through <= 3.9.4.
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-25406
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2304
|
8.8 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de omisión de autenticación usando una ruta o canal alternativo en Themeum Tutor LMS Pro tutor-pro permite el abuso de autenticación. Este problema afecta a Tutor LMS Pro: desde n/a ha…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-25406
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2305
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Using Malicious Files.This issue affects WPBookit Pro: from n/a through <= 1.6.18.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-25413
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2306
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de carga sin restricciones de archivo con tipo peligroso en iqonicdesign WPBookit Pro wpbookit-pro permite el uso de archivos maliciosos. Este problema afecta a WPBookit Pro: desde n/a…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-25413
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2307
|
8.8 |
HIGH
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Privilege Escalation.This issue affects WPBookit Pro: from n/a through <= 1.6.18.
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-25414
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2308
|
8.8 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de Asignación Incorrecta de Privilegios en iqonicdesign WPBookit Pro wpbookit-pro permite la escalada de privilegios. Este problema afecta a WPBookit Pro: desde n/a hasta <= 1.6.18.
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-25414
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2309
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Stored XSS.This is…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25417
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2310
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Neutralización Inadecuada de Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities permite XSS…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25417
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
