|
2841
|
7.5 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for Wor…
|
CWE-862
Missing Authorization
|
CVE-2026-23806
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2842
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad por falta de autorización en las publicaciones de empleo de BlueGlass Interactive AG Jobs for WordPress permite explotar niveles de seguridad de control de acceso configurados incorrec…
|
CWE-862
Missing Authorization
|
CVE-2026-23806
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2843
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Socio WP Telegram Widget and Join Link wptelegram-widget allows Reflected XSS.This issue affec…
|
CWE-79
Cross-site Scripting
|
CVE-2026-23807
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2844
|
7.1 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') en WP Socio WP Telegram Widget and Join Link wptelegram-widget permite XSS Refl…
|
CWE-79
Cross-site Scripting
|
CVE-2026-23807
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2845
|
8.1 |
HIGH
Network
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in xtemos WoodMart woodmart allows Object Injection.This issue affects WoodMart: from n/a through <= 8.3.8.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-23971
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2846
|
8.1 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en xtemos WoodMart woodmart permite la inyección de objetos. Este problema afecta a WoodMart: desde n/a hasta <= 8.3.8.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-23971
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2847
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.Thi…
|
CWE-862
Missing Authorization
|
CVE-2026-23972
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2848
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad por falta de autorización en magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce permite explotar niveles de seguridad de control de acceso configurado…
|
CWE-862
Missing Authorization
|
CVE-2026-23972
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2849
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Golo golo allows Reflected XSS.This issue affects Golo: from n/a through < 1.7.5.
|
CWE-79
Cross-site Scripting
|
CVE-2026-23973
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2850
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en uxper Golo golo permite XSS Reflejado. Este problema afecta a Golo: desde n/a h…
|
CWE-79
Cross-site Scripting
|
CVE-2026-23973
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
