|
3541
|
8.1 |
HIGH
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in wpeverest User Registration user-registration allows Privilege Escalation.This issue affects User Registration: from n/a through <= 4.4.9.
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-32488
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3542
|
8.1 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de Asignación Incorrecta de Privilegios en wpeverest User Registration user-registration permite la escalada de privilegios. Este problema afecta a User Registration: desde n/a hasta &…
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-32488
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3543
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in bPlugins B Blocks b-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects B Blocks: from n/a through < 2.0.30.
|
CWE-862
Missing Authorization
|
CVE-2026-32489
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3544
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de Autorización Faltante en bPlugins B Blocks b-blocks permite la Explotación de Niveles de Seguridad de Control de Acceso Incorrectamente Configurados. Este problema afecta a B Blocks…
|
CWE-862
Missing Authorization
|
CVE-2026-32489
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3545
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP TripAdvisor Review Slider wp-tripadvisor-review-slider allows Stored XSS.This issue …
|
CWE-79
Cross-site Scripting
|
CVE-2026-32490
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3546
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en jgwhite33 WP TripAdvisor Review Slider wp-tripadvisor-review-slider permite XSS…
|
CWE-79
Cross-site Scripting
|
CVE-2026-32490
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3547
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP Review Slider wp-facebook-reviews allows Stored XSS.This issue affects WP Review Sli…
|
CWE-79
Cross-site Scripting
|
CVE-2026-32491
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3548
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en jgwhite33 WP Review Slider wp-facebook-reviews permite XSS Almacenado. Este pro…
|
CWE-79
Cross-site Scripting
|
CVE-2026-32491
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3549
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Authentication Bypass by Spoofing vulnerability in Joe Dolson My Tickets my-tickets allows Identity Spoofing.This issue affects My Tickets: from n/a through <= 2.1.1.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-32492
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3550
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de omisión de autenticación por suplantación en Joe Dolson My Tickets my-tickets permite la suplantación de identidad. Este problema afecta a My Tickets: desde n/a hasta <= 2.1.1.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-32492
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
