|
2401
|
8.2 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in Devteam HaywoodTech Product Rearrange for WooCommerce products-rearrange-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.Thi…
|
CWE-862
Missing Authorization
|
CVE-2026-31921
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2402
|
8.2 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en Devteam HaywoodTech Product Rearrange for WooCommerce products-rearrange-woocommerce permite la explotación de niveles de seguridad de control de acceso con…
|
CWE-862
Missing Authorization
|
CVE-2026-31921
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2403
|
7.7 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects…
|
CWE-862
Missing Authorization
|
CVE-2026-32441
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2404
|
7.7 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en WebToffee Comments Import & Export comments-import-export-woocommerce permite la explotación de niveles de seguridad de control de acceso configurados i…
|
CWE-862
Missing Authorization
|
CVE-2026-32441
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2405
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in deothemes Ona ona allows Upload a Web Shell to a Web Server.This issue affects Ona: from n/a through < 1.24.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-32482
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2406
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de carga irrestricta de archivo con tipo peligroso en deothemes Ona ona permite cargar un shell web a un servidor web. Este problema afecta a Ona: desde n/a hasta < 1.24.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-32482
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2407
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Emai…
|
CWE-862
Missing Authorization
|
CVE-2026-32483
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2408
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en codepeople Contact Form Email contact-form-to-email permite la explotación de niveles de seguridad de control de acceso configurados incorrectamente. Este p…
|
CWE-862
Missing Authorization
|
CVE-2026-32483
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2409
|
8.8 |
HIGH
Network
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForms: from n/a through <= 1.6.26.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-32484
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2410
|
8.8 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en BoldGrid weForms weforms permite la inyección de objetos. Este problema afecta a weForms: desde n/a hasta <= 1.6.26.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-32484
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
