|
4651
|
8.8 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en sbthemes WooCommerce Infinite Scroll sb-woocommerce-infinite-scroll permite la inyección de objetos. Este problema afecta a WooCommerce Inf…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-27045
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4652
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Kaira StoreCustomizer woocustomizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects StoreCustomizer: from n/a through…
|
CWE-862
Missing Authorization
|
CVE-2026-27046
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4653
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de Autorización Faltante en Kaira StoreCustomizer woocustomizer permite Explotar Niveles de Seguridad de Control de Acceso Incorrectamente Configurados. Este problema afecta a StoreCus…
|
CWE-862
Missing Authorization
|
CVE-2026-27046
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4654
|
8.1 |
HIGH
Network
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Curly Core curly-core allows PHP Local File Inclusion.This issue…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-27047
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4655
|
8.1 |
HIGH
Network
|
-
|
-
|
Control inadecuado del nombre de fichero para la declaración include/require en un programa PHP ('inclusión remota de ficheros PHP') vulnerabilidad en Mikado-Themes Curly Core curly-core permite la i…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-27047
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4656
|
8.1 |
HIGH
Network
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes The Aisle Core theaisle-core allows PHP Local File Inclusion.Thi…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-27048
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4657
|
8.1 |
HIGH
Network
|
-
|
-
|
La vulnerabilidad de control inadecuado del nombre de fichero para la declaración Include/Require en el programa PHP ('Inclusión remota de ficheros PHP') en Elated-Themes The Aisle Core theaisle-core…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-27048
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4658
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobica Core jobica-core allows Authentication Abuse.This issue affects Jobica Core: from n/a through <= 1.4.2.
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-27049
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4659
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de omisión de autenticación mediante una ruta o canal alternativo en NooTheme Jobica Core jobica-core permite el abuso de autenticación. Este problema afecta a Jobica Core: desde n/a h…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-27049
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4660
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This issue affects Golo: from n/a through <= 1.7.0.
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-27051
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
