CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
An Insecure Direct Object References (IDOR) vulnerability in BookPro version 1.1.0 and earlier allows an unauthenticated attacker to access resources they should not have permission to. The issue stems from a lack of authorization checks when directly referencing objects.
In Auros Core versions up to and including 5.3.1, there is an unauthenticated content injection vulnerability. An attacker without authentication can modify application content.
The Donation Thermometer plugin versions up to 2.2.7 contain an unauthenticated broken access control vulnerability. An attacker without authentication can gain unauthorized access to plugin functions.
The Live Copy Paste for Elementor plugin in versions 1.5.3 and below contains a vulnerability due to improper access control for contributors. This allows users with the contributor role to perform unauthorized actions.
The Restaurant Menu by MotoPress plugin in versions 2.4.11 and earlier contains a vulnerability related to broken access control by subscribers. Users with the subscriber role can gain unauthorized access to restaurant menu management functions.
The Forget About Shortcode Buttons plugin in versions 2.1.3 and below contains a vulnerability due to improper access control for contributors. A user with the contributor role can gain unauthorized access to functions that should be reserved for higher roles.
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags.
In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details.
In JetBrains YouTrack before 2026.2.16593, improper authorization in the app configurations endpoint allowed unauthorized modification of project settings.
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint.
In JetBrains Kotlin before version 2.4.20, a vulnerability was found that allows code execution via unsafe deserialization in the build cache metadata.
The Mattermost Go module github.com/mattermost/mattermost/server/public versions < v0.1.22 fail to validate path parameters when constructing API route paths which allows an attacker to redirect API calls to unintended endpoints via crafted IDs containing path traversal components.
Sending a deeply nested ASN1 structure to an Apache Kerby client or service can trigger a StackOverFlow exception, leading to denial of service (DoS).
The Exclusive Addons Elementor plugin for WordPress contains a Stored Cross-Site Scripting (XSS) vulnerability due to improper input neutralization during page generation. The flaw affects all versions up to and including 2.7.9.8.
A vulnerability in the netclient and factory services of Reolink Home Hub (versions prior to v3.3.0.456_26031911) allows brute-force credential cracking. Attackers on the same local network can intercept traffic between the Hub and cameras and compromise camera credentials.
A vulnerability in jupyter/nbconvert versions up to 7.17.0 allows Cross-site Scripting (XSS) via unsanitized `text/vnd.mermaid` output in HTML exports. The `data_mermaid` block in `share/templates/lab/base.html.j2` renders `text/vnd.mermaid` cell output directly into HTML without escaping, enabling attackers to inject arbitrary HTML/JavaScript by breaking out of the `<pre>` tag.
The User Registration & Membership plugin for WordPress up to version 5.2.0 contains a vulnerability due to missing validation in the confirm_payment() function. This allows unauthenticated attackers to bypass payment processing and activate paid memberships.
The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the 'Allow guest uploads' setting is enabled by an administrator, the same deletion primitive becomes reachable by unauthenticated users.
The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through version 2.4.8 contains a path traversal vulnerability, allowing an attacker to retrieve directory listings for arbitrary directories on the server.
Server-Side Cross-Site Scripting (XSS) and Server-Side Request Forgery (SSRF) vulnerability in the markdown_to_pdf action of Rapid7 InsightConnect Markdown Plugin version 3.1.4 and earlier on Linux. A remote attacker can execute JavaScript server-side and make arbitrary outbound HTTP requests via crafted content embedded in Markdown input. The PDF rendering engine does not restrict script execution or outbound network access.

