CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
The Envo's Templates & Widgets for Elementor and WooCommerce plugin up to version 1.4.26 lacks authorization in the Envo Tabs widget, allowing authenticated attackers with Author-level access to disclose private Elementor content. By supplying a private template ID in the widget, an attacker can make that content visible to anonymous visitors.
The Email Subscribers & Newsletters plugin for WordPress up to version 5.9.27 is vulnerable to authorization bypass. Authenticated attackers with contributor-level access or higher can overwrite mail settings, create audience lists, insert contacts, create and overwrite newsletters, add workflows, and send mass emails to arbitrary recipients.
The Insert Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post custom field keys (meta key names) in all versions up to and including 3.11.4. This is due to insufficient output escaping of the custom field key ($key) in the the_meta() function, while the field value is properly sanitized. Authenticated attackers with author-level access or above can inject arbitrary web scripts that execute when a user views an injected page.
The yootheme WordPress theme before version 5.0.35 does not prevent its bundled front-end framework from treating certain HTML attributes, which are permitted by wp_kses_post(), as markup. This allows users with the Author role to perform Stored Cross-Site Scripting attacks that execute in the browser of any user viewing the affected post.
A vulnerability in Craft CMS allows users with system email template editing permissions to read server files, including the .env file containing passwords and API keys. An attacker can escalate to full admin account takeover by forging session tokens.
Craft CMS versions 4.0.0-RC1 through 4.18.0 and 5.0.0-RC1 through 5.10.0 are vulnerable to SSRF and arbitrary JavaScript injection via the /actions/app/resource-js endpoint. An attacker can poison the Host or X-Forwarded-Host header to bypass URL validation and force the Guzzle client to fetch a malicious payload from an external server.
In Craft CMS versions 5.0.0-RC1 through 5.9.20, a vulnerability exists due to improper authorization in the EntriesController::actionMoveToSection() endpoint. An authenticated low-privileged user can move an entry to a section where they have only read access without the required write permissions, breaking the section-level authorization model.
Craft CMS has an authorization issue in AssetsController::actionReplaceFile that allows an authenticated user to delete a source asset without source delete permission. Affected versions are 5.0.0-RC1 through 5.9.20 and 4.0.0-RC1 through 4.17.13.
A vulnerability in Cloudflare Universal SSL allows bypassing strict CAA records with accounturi or validationmethods parameters (RFC 8657) during TLS certificate issuance. The auto-managed CAA RRset overrides customer configuration, potentially enabling an attacker to obtain a trusted certificate for the victim's domain.
An uninitialized use vulnerability in the Dawn component of Google Chrome on ChromeOS prior to version 150.0.7871.46 allows a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
An uninitialized use vulnerability in the ANGLE component of Google Chrome prior to 150.0.7871.46 allows a remote attacker to leak cross-origin data via a crafted HTML page. The issue is rated as High severity by Chromium security.
Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
An inappropriate implementation in the Skia library in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. The issue is rated as low severity.
An uninitialized use vulnerability in the Dawn component of Google Chrome prior to version 150.0.7871.46 allows a remote attacker to read potentially sensitive information from process memory via a crafted HTML page.
An out-of-bounds read vulnerability in V8 in Google Chrome prior to 150.0.7871.46 allows an attacker to convince a user to install a malicious extension, potentially leaking sensitive information from process memory.
An inappropriate implementation in PDFium in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted PDF file. The issue is rated as medium severity.
An uninitialized use vulnerability in the ANGLE component of Google Chrome on Windows prior to version 150.0.7871.46 allows a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
An uninitialized use vulnerability in the Dawn component in Google Chrome prior to version 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
An out-of-bounds read vulnerability in the ANGLE component of Google Chrome prior to version 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
An integer overflow in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.

