Common Weakness Enumeration
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Back to CWE stats page
CWE-266
Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CVE-2026-53902 (GCVE-0-2026-53902)
Vulnerability from cvelistv5 – Published: 2026-07-01 11:58 – Updated: 2026-07-01 13:42
VLAI
Title
Privilege Escalation in MCO
Summary
MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/profile-sections/group-membership endpoint. An authenticated user can modify their group membership without proper authorization checks, allowing privilege escalation.
An attacker can add themselves to arbitrary groups by supplying a valid group ID, which can be obtained via other application functionalities (e.g. /customer/servlet/mco/webapi/group/picker/groups), provided he has necessary permissions, or potentially inferred through brute-force techniques.
Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 25.3.3.1 but may also affect other versions.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2026/07/CVE-2026-53902 | third-party-advisory |
| https://mco.mycomplianceoffice.com/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| MyComplianceOffice | MCO |
Affected:
25.3.3.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-53902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T13:42:48.531051Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T13:42:53.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "MCO",
"vendor": "MyComplianceOffice",
"versions": [
{
"status": "affected",
"version": "25.3.3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Hubert Decyusz (AFINE Team)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "MCO does not properly enforce authorization checks in the \u003ci\u003e/customer/servlet/mco/webapi/profile-sections/group-membership\u003c/i\u003e endpoint. An authenticated user can modify their group membership without proper authorization checks, allowing privilege escalation.\u003cbr\u003eAn attacker can add themselves to arbitrary groups by supplying a valid group ID, which can be obtained via other application functionalities (e.g.\u0026nbsp;\u003ci\u003e/customer/servlet/mco/webapi/group/picker/groups\u003c/i\u003e), provided he has necessary permissions, or potentially inferred through brute-force techniques.\u003cbr\u003e\u003cp\u003e\u003cspan\u003e\u003cbr\u003eBecause vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 25.3.3.1\u0026nbsp;but may also affect other versions.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/profile-sections/group-membership endpoint. An authenticated user can modify their group membership without proper authorization checks, allowing privilege escalation.\nAn attacker can add themselves to arbitrary groups by supplying a valid group ID, which can be obtained via other application functionalities (e.g.\u00a0/customer/servlet/mco/webapi/group/picker/groups), provided he has necessary permissions, or potentially inferred through brute-force techniques.\n\n\n\nBecause vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 25.3.3.1\u00a0but may also affect other versions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T11:58:31.205Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2026/07/CVE-2026-53902"
},
{
"tags": [
"product"
],
"url": "https://mco.mycomplianceoffice.com/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege Escalation in MCO",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2026-53902",
"datePublished": "2026-07-01T11:58:31.205Z",
"dateReserved": "2026-06-11T07:44:52.179Z",
"dateUpdated": "2026-07-01T13:42:53.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-54196 (GCVE-0-2026-54196)
Vulnerability from cvelistv5 – Published: 2026-06-17 09:51 – Updated: 2026-06-17 12:16
VLAI
Title
WordPress JetFormBuilder plugin <= 3.6.1 - Privilege Escalation vulnerability
Summary
Subscriber Privilege Escalation in JetFormBuilder <= 3.6.1 versions.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Jetmonsters | JetFormBuilder |
Affected:
n/a , ≤ 3.6.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-54196",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T12:16:09.056272Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T12:16:17.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "jetformbuilder",
"product": "JetFormBuilder",
"vendor": "Jetmonsters",
"versions": [
{
"changes": [
{
"at": "3.6.1.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.6.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Baikuya | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Subscriber Privilege Escalation in JetFormBuilder \u003c= 3.6.1 versions."
}
],
"value": "Subscriber Privilege Escalation in JetFormBuilder \u003c= 3.6.1 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T09:51:40.708Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/jetformbuilder/vulnerability/wordpress-jetformbuilder-plugin-3-6-1-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress JetFormBuilder Plugin to the latest available version (at least 3.6.1.1)."
}
],
"value": "Update the WordPress JetFormBuilder Plugin to the latest available version (at least 3.6.1.1)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress JetFormBuilder plugin \u003c= 3.6.1 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-54196",
"datePublished": "2026-06-17T09:51:40.708Z",
"dateReserved": "2026-06-12T09:16:00.860Z",
"dateUpdated": "2026-06-17T12:16:17.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-54805 (GCVE-0-2026-54805)
Vulnerability from cvelistv5 – Published: 2026-06-17 09:51 – Updated: 2026-06-17 12:11
VLAI
Title
WordPress Falang multilanguage plugin <= 1.4.2 - Privilege Escalation vulnerability
Summary
Subscriber Privilege Escalation in Falang multilanguage <= 1.4.2 versions.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| sbouey | Falang multilanguage |
Affected:
n/a , ≤ 1.4.2
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-54805",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T12:10:35.997714Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T12:11:22.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "falang",
"product": "Falang multilanguage",
"vendor": "sbouey",
"versions": [
{
"changes": [
{
"at": "1.4.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.4.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ParkHyunWoo | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Subscriber Privilege Escalation in Falang multilanguage \u003c= 1.4.2 versions."
}
],
"value": "Subscriber Privilege Escalation in Falang multilanguage \u003c= 1.4.2 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T09:51:44.457Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/falang/vulnerability/wordpress-falang-multilanguage-plugin-1-4-2-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Falang multilanguage Plugin to the latest available version (at least 1.4.3)."
}
],
"value": "Update the WordPress Falang multilanguage Plugin to the latest available version (at least 1.4.3)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Falang multilanguage plugin \u003c= 1.4.2 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-54805",
"datePublished": "2026-06-17T09:51:44.457Z",
"dateReserved": "2026-06-16T09:21:34.477Z",
"dateUpdated": "2026-06-17T12:11:22.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-54807 (GCVE-0-2026-54807)
Vulnerability from cvelistv5 – Published: 2026-06-17 09:51 – Updated: 2026-06-17 12:15
VLAI
Title
WordPress Registration Form for WooCommerce plugin <= 1.0.9 - Privilege Escalation vulnerability
Summary
Unauthenticated Privilege Escalation in Registration Form for WooCommerce <= 1.0.9 versions.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ThemeGrill | Registration Form for WooCommerce |
Affected:
n/a , ≤ 1.0.9
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-54807",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T12:15:03.967995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T12:15:13.929Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "registration-form-for-woocommerce",
"product": "Registration Form for WooCommerce",
"vendor": "ThemeGrill",
"versions": [
{
"changes": [
{
"at": "1.1.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.9",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ParkHyunWoo | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unauthenticated Privilege Escalation in Registration Form for WooCommerce \u003c= 1.0.9 versions."
}
],
"value": "Unauthenticated Privilege Escalation in Registration Form for WooCommerce \u003c= 1.0.9 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T09:51:46.082Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/registration-form-for-woocommerce/vulnerability/wordpress-registration-form-for-woocommerce-plugin-1-0-9-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Registration Form for WooCommerce Plugin to the latest available version (at least 1.1.0)."
}
],
"value": "Update the WordPress Registration Form for WooCommerce Plugin to the latest available version (at least 1.1.0)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Registration Form for WooCommerce plugin \u003c= 1.0.9 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-54807",
"datePublished": "2026-06-17T09:51:46.082Z",
"dateReserved": "2026-06-16T09:21:34.477Z",
"dateUpdated": "2026-06-17T12:15:13.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5484 (GCVE-0-2026-5484)
Vulnerability from cvelistv5 – Published: 2026-04-03 19:45 – Updated: 2026-04-08 18:52 X_Open Source
VLAI
Title
BookStackApp BookStack Chapter Export ExportFormatter.php chapterToMarkdown access control
Summary
A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 26.03.1 is able to address this issue. This patch is called 8a59895ba063040cc8dafd82e94024c406df3d04. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/355091 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/355091/cti | signaturepermissions-required |
| https://vuldb.com/submit/781762 | third-party-advisory |
| https://github.com/Ghufran2/CVE-Bookstack/blob/ma… | exploit |
| https://www.bookstackapp.com/blog/bookstack-relea… | related |
| https://github.com/BookStackApp/BookStack/commit/… | patch |
| https://github.com/BookStackApp/BookStack/release… | patch |
| https://github.com/BookStackApp/BookStack/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| BookStackApp | BookStack |
Affected:
26.03
Unaffected: 26.03.1 cpe:2.3:a:bookstackapp:bookstack:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5484",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-08T18:52:37.756630Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T18:52:44.563Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:bookstackapp:bookstack:*:*:*:*:*:*:*:*"
],
"modules": [
"Chapter Export Handler"
],
"product": "BookStack",
"vendor": "BookStackApp",
"versions": [
{
"status": "affected",
"version": "26.03"
},
{
"status": "unaffected",
"version": "26.03.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ghufran Khan (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 26.03.1 is able to address this issue. This patch is called 8a59895ba063040cc8dafd82e94024c406df3d04. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-03T19:45:12.967Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-355091 | BookStackApp BookStack Chapter Export ExportFormatter.php chapterToMarkdown access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/355091"
},
{
"name": "VDB-355091 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/355091/cti"
},
{
"name": "Submit #781762 | BookstackApp BookStack v25.12.9 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/781762"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Ghufran2/CVE-Bookstack/blob/main/Permission%20Bypass%20in%20Markdown%20Chapter%20Export"
},
{
"tags": [
"related"
],
"url": "https://www.bookstackapp.com/blog/bookstack-release-v26-03-1/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/BookStackApp/BookStack/commit/8a59895ba063040cc8dafd82e94024c406df3d04"
},
{
"tags": [
"patch"
],
"url": "https://github.com/BookStackApp/BookStack/releases/tag/v26.03.1"
},
{
"tags": [
"product"
],
"url": "https://github.com/BookStackApp/BookStack/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-04-03T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-04-03T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-04-03T15:16:40.000Z",
"value": "VulDB entry last update"
}
],
"title": "BookStackApp BookStack Chapter Export ExportFormatter.php chapterToMarkdown access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5484",
"datePublished": "2026-04-03T19:45:12.967Z",
"dateReserved": "2026-04-03T13:10:53.751Z",
"dateUpdated": "2026-04-08T18:52:44.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5526 (GCVE-0-2026-5526)
Vulnerability from cvelistv5 – Published: 2026-04-04 22:15 – Updated: 2026-04-06 14:51
VLAI
Title
Tenda 4G03 Pro httpd access control
Summary
A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerability is an unknown functionality of the file /bin/httpd. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/355279 | vdb-entry |
| https://vuldb.com/vuln/355279/cti | signaturepermissions-required |
| https://vuldb.com/submit/782052 | third-party-advisory |
| https://www.tenda.com.cn/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tenda | 4G03 Pro |
Affected:
1.0
Affected: 1.1 Affected: 04.03.01.0 Affected: 04.03.01.1 Affected: 04.03.01.2 Affected: 04.03.01.3 Affected: 04.03.01.4 Affected: 04.03.01.5 Affected: 04.03.01.6 Affected: 04.03.01.7 Affected: 04.03.01.8 Affected: 04.03.01.9 Affected: 04.03.01.10 Affected: 04.03.01.11 Affected: 04.03.01.12 Affected: 04.03.01.13 Affected: 04.03.01.14 Affected: 04.03.01.15 Affected: 04.03.01.16 Affected: 04.03.01.17 Affected: 04.03.01.18 Affected: 04.03.01.19 Affected: 04.03.01.20 Affected: 04.03.01.21 Affected: 04.03.01.22 Affected: 04.03.01.23 Affected: 04.03.01.24 Affected: 04.03.01.25 Affected: 04.03.01.26 Affected: 04.03.01.27 Affected: 04.03.01.28 Affected: 04.03.01.29 Affected: 04.03.01.30 Affected: 04.03.01.31 Affected: 04.03.01.32 Affected: 04.03.01.33 Affected: 04.03.01.34 Affected: 04.03.01.35 Affected: 04.03.01.36 Affected: 04.03.01.37 Affected: 04.03.01.38 Affected: 04.03.01.39 Affected: 04.03.01.40 Affected: 04.03.01.41 Affected: 04.03.01.42 Affected: 04.03.01.43 Affected: 04.03.01.44 Affected: 04.03.01.45 Affected: 04.03.01.46 Affected: 04.03.01.47 Affected: 04.03.01.48 Affected: 04.03.01.49 Affected: 04.03.01.50 Affected: 04.03.01.51 Affected: 04.03.01.52 Affected: 04.03.01.53 Affected: 192.168.0.0 Affected: 192.168.0.1 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5526",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T14:28:18.964474Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T14:51:31.134Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "4G03 Pro",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "04.03.01.0"
},
{
"status": "affected",
"version": "04.03.01.1"
},
{
"status": "affected",
"version": "04.03.01.2"
},
{
"status": "affected",
"version": "04.03.01.3"
},
{
"status": "affected",
"version": "04.03.01.4"
},
{
"status": "affected",
"version": "04.03.01.5"
},
{
"status": "affected",
"version": "04.03.01.6"
},
{
"status": "affected",
"version": "04.03.01.7"
},
{
"status": "affected",
"version": "04.03.01.8"
},
{
"status": "affected",
"version": "04.03.01.9"
},
{
"status": "affected",
"version": "04.03.01.10"
},
{
"status": "affected",
"version": "04.03.01.11"
},
{
"status": "affected",
"version": "04.03.01.12"
},
{
"status": "affected",
"version": "04.03.01.13"
},
{
"status": "affected",
"version": "04.03.01.14"
},
{
"status": "affected",
"version": "04.03.01.15"
},
{
"status": "affected",
"version": "04.03.01.16"
},
{
"status": "affected",
"version": "04.03.01.17"
},
{
"status": "affected",
"version": "04.03.01.18"
},
{
"status": "affected",
"version": "04.03.01.19"
},
{
"status": "affected",
"version": "04.03.01.20"
},
{
"status": "affected",
"version": "04.03.01.21"
},
{
"status": "affected",
"version": "04.03.01.22"
},
{
"status": "affected",
"version": "04.03.01.23"
},
{
"status": "affected",
"version": "04.03.01.24"
},
{
"status": "affected",
"version": "04.03.01.25"
},
{
"status": "affected",
"version": "04.03.01.26"
},
{
"status": "affected",
"version": "04.03.01.27"
},
{
"status": "affected",
"version": "04.03.01.28"
},
{
"status": "affected",
"version": "04.03.01.29"
},
{
"status": "affected",
"version": "04.03.01.30"
},
{
"status": "affected",
"version": "04.03.01.31"
},
{
"status": "affected",
"version": "04.03.01.32"
},
{
"status": "affected",
"version": "04.03.01.33"
},
{
"status": "affected",
"version": "04.03.01.34"
},
{
"status": "affected",
"version": "04.03.01.35"
},
{
"status": "affected",
"version": "04.03.01.36"
},
{
"status": "affected",
"version": "04.03.01.37"
},
{
"status": "affected",
"version": "04.03.01.38"
},
{
"status": "affected",
"version": "04.03.01.39"
},
{
"status": "affected",
"version": "04.03.01.40"
},
{
"status": "affected",
"version": "04.03.01.41"
},
{
"status": "affected",
"version": "04.03.01.42"
},
{
"status": "affected",
"version": "04.03.01.43"
},
{
"status": "affected",
"version": "04.03.01.44"
},
{
"status": "affected",
"version": "04.03.01.45"
},
{
"status": "affected",
"version": "04.03.01.46"
},
{
"status": "affected",
"version": "04.03.01.47"
},
{
"status": "affected",
"version": "04.03.01.48"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.03.01.50"
},
{
"status": "affected",
"version": "04.03.01.51"
},
{
"status": "affected",
"version": "04.03.01.52"
},
{
"status": "affected",
"version": "04.03.01.53"
},
{
"status": "affected",
"version": "192.168.0.0"
},
{
"status": "affected",
"version": "192.168.0.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "CoreNode (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB Vulnerability Moderation Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerability is an unknown functionality of the file /bin/httpd. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-04T22:15:14.338Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-355279 | Tenda 4G03 Pro httpd access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/355279"
},
{
"name": "VDB-355279 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/355279/cti"
},
{
"name": "Submit #782052 | Tenda Tenda 4G03 Pro V1.0 V04.03.01.53 Authentication Bypass Issues",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/782052"
},
{
"tags": [
"product"
],
"url": "https://www.tenda.com.cn/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-04-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-04-04T08:25:10.000Z",
"value": "VulDB entry last update"
}
],
"title": "Tenda 4G03 Pro httpd access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5526",
"datePublished": "2026-04-04T22:15:14.338Z",
"dateReserved": "2026-04-04T06:19:57.834Z",
"dateUpdated": "2026-04-06T14:51:31.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5529 (GCVE-0-2026-5529)
Vulnerability from cvelistv5 – Published: 2026-04-05 00:15 – Updated: 2026-04-06 19:11
VLAI
Title
Dromara lamp-cloud DefUserController pageUser improper authorization
Summary
A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/355282 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/355282/cti | signaturepermissions-required |
| https://vuldb.com/submit/782103 | third-party-advisory |
| https://github.com/dromara/lamp-cloud/issues/403 | exploitissue-tracking |
| https://github.com/dromara/lamp-cloud/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dromara | lamp-cloud |
Affected:
5.8.0
Affected: 5.8.1 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5529",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T19:11:09.815617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T19:11:19.646Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"DefUserController"
],
"product": "lamp-cloud",
"vendor": "Dromara",
"versions": [
{
"status": "affected",
"version": "5.8.0"
},
{
"status": "affected",
"version": "5.8.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "aibot88 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-05T00:15:13.302Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-355282 | Dromara lamp-cloud DefUserController pageUser improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/355282"
},
{
"name": "VDB-355282 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/355282/cti"
},
{
"name": "Submit #782103 | Dromara lamp-cloud 5.8.1 Broken object property level authorization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/782103"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/dromara/lamp-cloud/issues/403"
},
{
"tags": [
"product"
],
"url": "https://github.com/dromara/lamp-cloud/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-04-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-04-04T08:32:07.000Z",
"value": "VulDB entry last update"
}
],
"title": "Dromara lamp-cloud DefUserController pageUser improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5529",
"datePublished": "2026-04-05T00:15:13.302Z",
"dateReserved": "2026-04-04T06:26:51.702Z",
"dateUpdated": "2026-04-06T19:11:19.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5569 (GCVE-0-2026-5569)
Vulnerability from cvelistv5 – Published: 2026-04-05 13:15 – Updated: 2026-04-06 16:18
VLAI
Title
Technostrobe HI-LED-WR120-G2 Endpoint access control
Summary
A vulnerability was found in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Impacted is an unknown function of the file /Technostrobe/ of the component Endpoint. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been made public and could be used. Multiple endpoints are affected. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/355339 | vdb-entry |
| https://vuldb.com/vuln/355339/cti | signaturepermissions-required |
| https://vuldb.com/submit/783322 | third-party-advisory |
| https://github.com/shiky8/my--cve-vulnerability-r… | exploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Technostrobe | HI-LED-WR120-G2 |
Affected:
5.5.0.1R6.03.30
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5569",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T16:17:54.054807Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T16:18:11.013Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Endpoint"
],
"product": "HI-LED-WR120-G2",
"vendor": "Technostrobe",
"versions": [
{
"status": "affected",
"version": "5.5.0.1R6.03.30"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "shiky8 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Impacted is an unknown function of the file /Technostrobe/ of the component Endpoint. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been made public and could be used. Multiple endpoints are affected. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-05T13:15:15.167Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-355339 | Technostrobe HI-LED-WR120-G2 Endpoint access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/355339"
},
{
"name": "VDB-355339 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/355339/cti"
},
{
"name": "Submit #783322 | Technostrobe HI-LED-WR120-G2 Obstruction Lighting Controller 5.5.0.1R6.03.30 Broken Access Control",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/783322"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/shiky8/my--cve-vulnerability-research/blob/main/my_VulnDB_cves/CVE-TECHNOSTROBE-01-BrokenAccessControl.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-04-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-04-04T16:46:24.000Z",
"value": "VulDB entry last update"
}
],
"title": "Technostrobe HI-LED-WR120-G2 Endpoint access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5569",
"datePublished": "2026-04-05T13:15:15.167Z",
"dateReserved": "2026-04-04T14:40:50.587Z",
"dateUpdated": "2026-04-06T16:18:11.013Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56008 (GCVE-0-2026-56008)
Vulnerability from cvelistv5 – Published: 2026-06-26 14:52 – Updated: 2026-06-29 16:04
VLAI
Title
WordPress Fusion Builder plugin <= 3.15.4 - Privilege Escalation vulnerability
Summary
Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ThemeFusion | Fusion Builder |
Affected:
n/a , ≤ 3.15.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56008",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-29T16:04:22.774398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T16:04:31.030Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "fusion-builder",
"product": "Fusion Builder",
"vendor": "ThemeFusion",
"versions": [
{
"changes": [
{
"at": "3.15.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.15.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "daroo | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Contributor Privilege Escalation in Fusion Builder \u003c= 3.15.4 versions."
}
],
"value": "Contributor Privilege Escalation in Fusion Builder \u003c= 3.15.4 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-26T14:52:28.955Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/fusion-builder/vulnerability/wordpress-fusion-builder-plugin-3-15-4-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Fusion Builder Plugin to the latest available version (at least 3.15.5)."
}
],
"value": "Update the WordPress Fusion Builder Plugin to the latest available version (at least 3.15.5)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Fusion Builder plugin \u003c= 3.15.4 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-56008",
"datePublished": "2026-06-26T14:52:28.955Z",
"dateReserved": "2026-06-18T09:31:56.470Z",
"dateUpdated": "2026-06-29T16:04:31.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56010 (GCVE-0-2026-56010)
Vulnerability from cvelistv5 – Published: 2026-06-26 14:52 – Updated: 2026-06-26 20:18
VLAI
Title
WordPress Abandoned Cart Pro for WooCommerce plugin <= 10.4.0 - Privilege Escalation vulnerability
Summary
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tyche Softwares. | Abandoned Cart Pro for WooCommerce |
Affected:
n/a , ≤ 10.4.0
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56010",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-26T20:13:55.235496Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-26T20:18:47.172Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "woocommerce-abandon-cart-pro",
"product": "Abandoned Cart Pro for WooCommerce",
"vendor": "Tyche Softwares.",
"versions": [
{
"changes": [
{
"at": "10.4.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "10.4.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Austin Ginder | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce \u003c= 10.4.0 versions."
}
],
"value": "Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce \u003c= 10.4.0 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-26T14:52:29.594Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/woocommerce-abandon-cart-pro/vulnerability/wordpress-abandoned-cart-pro-for-woocommerce-plugin-10-4-0-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Abandoned Cart Pro for WooCommerce Plugin to the latest available version (at least 10.4.1)."
}
],
"value": "Update the WordPress Abandoned Cart Pro for WooCommerce Plugin to the latest available version (at least 10.4.1)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Abandoned Cart Pro for WooCommerce plugin \u003c= 10.4.0 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-56010",
"datePublished": "2026-06-26T14:52:29.594Z",
"dateReserved": "2026-06-18T09:31:56.471Z",
"dateUpdated": "2026-06-26T20:18:47.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation ID: MIT-17
Phases: Architecture and Design, Operation
Strategy: Environment Hardening
Description:
- Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.