|
3661
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through…
|
CWE-94
Code Injection
|
CVE-2026-32573
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3662
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Control inadecuado de la generación de código ('Inyección de Código') vulnerabilidad en Nelio Software Nelio AB Testing nelio-ab-testing permite la inyección de código. Este problema afecta a Nelio A…
|
CWE-94
Code Injection
|
CVE-2026-32573
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3663
|
8.8 |
HIGH
Network
|
-
|
-
|
The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up…
|
CWE-22
Path Traversal
|
CVE-2026-4758
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3664
|
8.8 |
HIGH
Network
|
-
|
-
|
El plugin WP Job Portal para WordPress es vulnerable a la eliminación arbitraria de archivos debido a una validación insuficiente de la ruta de archivo en la función 'WPJOBPORTALcustomfields::removeF…
|
CWE-22
Path Traversal
|
CVE-2026-4758
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3665
|
8.8 |
HIGH
Network
|
-
|
-
|
The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the…
|
CWE-862
Missing Authorization
|
CVE-2026-4484
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3666
|
8.8 |
HIGH
Network
|
-
|
-
|
El plugin Masteriyo LMS para WordPress es vulnerable a una escalada de privilegios en todas las versiones hasta la 2.1.6, inclusive. Esto se debe a que el plugin permite a un usuario actualizar el ro…
|
CWE-862
Missing Authorization
|
CVE-2026-4484
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3667
|
7.0 |
HIGH
Local
|
-
|
-
|
A vulnerability was detected in Enter Software Iperius Backup up to 8.7.3. Affected is an unknown function of the file C:\ProgramData\IperiusBackup\Jobs\ of the component Backup Service. Performing a…
|
CWE-377
CWE-378
Insecure Temporary File
Creation of Temporary File With Insecure Permissions
|
CVE-2026-4822
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3668
|
7.0 |
HIGH
Local
|
-
|
-
|
Una vulnerabilidad fue detectada en Enter Software Iperius Backup hasta 8.7.3. Afecta a una función desconocida del archivo C:\ProgramData\IperiusBackup\Jobs\ del componente Backup Service. Realizar …
|
CWE-377
CWE-378
Insecure Temporary File
Creation of Temporary File With Insecure Permissions
|
CVE-2026-4822
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3669
|
2.5 |
LOW
Local
|
-
|
-
|
A flaw has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this vulnerability is an unknown functionality of the component NTLM2 Handler. Executing a manipulation can lead to inf…
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-4823
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3670
|
2.5 |
LOW
Local
|
-
|
-
|
Se ha encontrado una falla en Enter Software Iperius Backup hasta la versión 8.7.3. Afectada por esta vulnerabilidad es una funcionalidad desconocida del componente Gestor NTLM2. La ejecución de una …
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-4823
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
