|
2421
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Authentication Bypass by Spoofing vulnerability in Joe Dolson My Tickets my-tickets allows Identity Spoofing.This issue affects My Tickets: from n/a through <= 2.1.1.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-32492
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2422
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de omisión de autenticación por suplantación en Joe Dolson My Tickets my-tickets permite la suplantación de identidad. Este problema afecta a My Tickets: desde n/a hasta <= 2.1.1.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-32492
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2423
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected XSS.This issue affects JobSearch: from n/a through…
|
CWE-79
Cross-site Scripting
|
CVE-2026-32493
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2424
|
- |
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en eyecix JobSearch wp-jobsearch permite XSS Reflejado. Este problema afecta a Job…
|
CWE-79
Cross-site Scripting
|
CVE-2026-32493
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2425
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Se…
|
CWE-79
Cross-site Scripting
|
CVE-2026-32494
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2426
|
7.1 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('Cross-site Scripting') en Ays Pro Image Slider de Ays ays-slider permite la Explotación de Niveles de …
|
CWE-79
Cross-site Scripting
|
CVE-2026-32494
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2427
|
7.5 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in Link Software LLC WP Terms Popup wp-terms-popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Terms Popup: from …
|
CWE-862
Missing Authorization
|
CVE-2026-32495
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2428
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en Link Software LLC WP Terms Popup wp-terms-popup permite la explotación de niveles de seguridad de control de acceso configurados incorrectamente. Este probl…
|
CWE-862
Missing Authorization
|
CVE-2026-32495
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2429
|
6.7 |
MEDIUM
Network
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NYSL Spam Protect for Contact Form 7 wp-contact-form-7-spam-blocker allows Path Traversal.This issue af…
|
CWE-22
Path Traversal
|
CVE-2026-32496
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2430
|
6.7 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de limitación incorrecta de un nombre de ruta a un directorio restringido ('Salto de ruta') en NYSL Spam Protect para Contact Form 7 wp-contact-form-7-spam-blocker permite el salto de …
|
CWE-22
Path Traversal
|
CVE-2026-32496
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
