CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
The WordPress More Fields Plugin version 2.1 contains a cross-site request forgery (CSRF) vulnerability that allows attackers to perform unauthorized actions by disabling CSRF token validation.
The WordPress Plugin Abtest contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the action parameter. Attackers can send GET requests to abtest_admin.php with malicious action values to include files from the admin directory and execute arbitrary code.
The Brandfolder plugin for WordPress version 3.0 and earlier contains a local file inclusion vulnerability in callback.php that allows unauthenticated attackers to include arbitrary files by manipulating the wp_abspath parameter.
WordPress Dharma Booking version 2.28.3 and earlier contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the gateway parameter. Attackers can supply file paths with directory traversal sequences or null byte injection to the gateway parameter in proccess.php to read sensitive files like configuration and system files.
The WordPress IMDb Profile Widget version 1.0.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the url parameter. Attackers can supply directory traversal sequences in GET requests to pic.php to access sensitive files like wp-config.php containing database credentials and configuration data.
The WordPress Plugin Photocart Link version 1.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in decode.php.
The WordPress Lazy Content Slider Plugin version 3.4 contains a cross-site request forgery (CSRF) vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms.
The WordPress Booking Calendar Contact Form plugin version 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities that allow authenticated users to modify plugin options and inject malicious scripts.
WordPress CP Polls version 1.0.8 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML pages that execute unwanted poll operations when administrators visit the page while logged in.
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, does not properly validate the branch code when creating a new branch. This allows an attacker with the appropriate privileges to include path traversal sequences, potentially leading to unintended file storage.
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key.
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization scheme. An unauthenticated attacker can directly access HTTP endpoints to download files from locations such as /Resources/CompanyId_[ID]/Audio/ and /SafeData/.
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains insufficient server-side file type validation in the /safe/contract/uploadcustomdocuments endpoint. The application accepts uploaded files based on the user-controlled HTTP Content-Type value, allowing authenticated attackers to upload arbitrary file content.
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an IP restriction bypass vulnerability in the login process. An attacker with valid branch user credentials can manipulate the X-Forwarded-For header to spoof the expected branch IP address and obtain a valid authenticated session from an unauthorized network location.
A flaw was found in Ansible Lightspeed related to insufficient session expiration, allowing a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth access token before a user logs out, they can continue to authenticate and access sensitive data.
The Form Builder CP WordPress plugin before version 1.2.47 does not properly sanitize a form configuration value before storing it, allowing Stored Cross-Site Scripting attacks by authenticated users with Editor-level access and above.
The WP Go Maps plugin for WordPress before version 10.0.10 does not perform approval-state filtering on its public single-marker REST endpoint, allowing unauthenticated users to access marker records that have not yet been approved by an administrator.
The WP Go Maps plugin for WordPress before version 10.0.10 does not properly enforce the marker approval filter on the admin-ajax fallback for its datatables route, allowing unauthenticated visitors to access marker records that the site owner has not approved for public display.
A command injection vulnerability was found in Yealink SIP-T46U version 108.86.0.118 in the mod_webd.TFTPUploadIperf function of the /api/inner/tftpuploadiperf file. The attack requires local network access and can be executed by manipulating the ip/port arguments. The vendor has provided a fix in version 108.87.0.23, which is not yet publicly available.
A command injection vulnerability has been found in Yealink SIP-T46U firmware version 108.86.0.118 in the mod_diagnose.CommandShellByType function of the /api/diagnosis/start file. The attack can be initiated remotely by manipulating the Time argument, and the exploit has been published.

