Cybersecurity & Regolamentazione UE

News & Sicurezza

Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.

25142 risultati

VulnerabilitàAlta
CVE-2026-12136 - SysBasics Customize My Account for WooCommerce <= 4.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

CVE ID :CVE-2026-12136 Published : June 18, 2026, 6:50 a.m. | 4 hours, 52 minutes ago Description :The Customize My Account For Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sysbasics_user_avatar' shortcode in versions up to, and including, 4.3.6. This is due to insufficient input sanitization and output escaping on user supplied attributes (min_height, min_width, max_height, max_width) in the wcmamtx_get_avatar_default() function, which are concatenated unescaped into the get_avatar() extra_attr style attribute. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026
VulnerabilitàAlta
CVE-2026-55746 - Cotonti stored XSS via PFS folder title

CVE ID :CVE-2026-55746 Published : June 18, 2026, 6:46 a.m. | 4 hours, 55 minutes ago Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to stored Cross-Site Scripting in the Personal File Storage (PFS) module. A folder title (pff_title) is imported with the 'TXT' filter, which does not strip or encode HTML (the tag check in cot_import is disabled), so an authenticated user can store HTML/JavaScript in a folder title. In modules/pfs/inc/pfs.main.php the title is assigned to the template variable PFF_ROW_TITLE without htmlspecialchars(), and modules/pfs/tpl/pfs.tpl outputs {PFF_ROW_TITLE} unescaped. When the folder listing is viewed (including by other users for public folders), the injected script executes in the victim's browser. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026
VulnerabilitàAlta
CVE-2026-28573 - Android Persistent Denial of Service

CVE ID :CVE-2026-28573 Published : June 18, 2026, 6:29 a.m. | 5 hours, 13 minutes ago Description :In AndroidManifest.xml, there is a possible persistent denial of service due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026
VulnerabilitàAlta
CVE-2026-55745 - Cotonti CSRF in PFS folder edit allows unauthorized folder modification

CVE ID :CVE-2026-55745 Published : June 18, 2026, 6:07 a.m. | 5 hours, 35 minutes ago Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. In modules/pfs/inc/pfs.editfolder.php, the folder update action ('a=update') updates folder metadata (title, description, public/gallery flags) without calling cot_check_xg() to validate the anti-CSRF token. A remote attacker who lures an authenticated user into visiting a malicious page can force the browser to submit a forged request that modifies the victim's folder metadata, including making a private folder public. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026
VulnerabilitàAlta
CVE-2026-55744 - Cotonti CSRF in PFS allows forced arbitrary file upload

CVE ID :CVE-2026-55744 Published : June 18, 2026, 6:06 a.m. | 5 hours, 35 minutes ago Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. In modules/pfs/inc/pfs.main.php, the file upload action ('a=upload') processes uploaded files without calling cot_check_xg() to validate the anti-CSRF token, even though sibling actions such as 'delete' (line 272) do. A remote attacker who lures an authenticated user into visiting a malicious page can force the browser to submit a forged multipart request that uploads arbitrary files into the victim's PFS storage. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026
VulnerabilitàAlta
CVE-2026-55742 - Cotonti CSRF in admin.rights.php allows privilege escalation

CVE ID :CVE-2026-55742 Published : June 18, 2026, 6:05 a.m. | 5 hours, 37 minutes ago Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the administration rights handler. In system/admin/admin.rights.php, the rights update action ('a=update') modifies group access rights (including via cot_auth_add_group) without calling cot_check_xg() to validate the anti-CSRF token. A remote attacker who lures an authenticated administrator into visiting a malicious page can force the browser to submit a forged request that grants elevated permissions to an attacker-controlled group, escalating privileges to administrator. Because Cotonti administrators can modify templates and configuration, this can be further leveraged toward remote code execution. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026
VulnerabilitàAlta
CVE-2026-55741 - Cotonti CSRF in admin.config.php allows unauthorized configuration changes

CVE ID :CVE-2026-55741 Published : June 18, 2026, 6:04 a.m. | 5 hours, 38 minutes ago Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the administration configuration handler. In system/admin/admin.config.php, the configuration update action ('a=update') processes POST data via cot_config_update_options() without calling cot_check_xg() to validate the anti-CSRF token (the 'x' parameter), unlike other admin handlers (e.g. admin.structure.php, admin.cache.php). A remote attacker who lures an authenticated administrator into visiting a malicious page can force the browser to submit a forged request that modifies arbitrary core, module, or plugin configuration options, which can be leveraged to weaken security or enable further compromise. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026
VulnerabilitàAlta
CVE-2026-9815 - MagicForm <= 0.1.3 - Unauthenticated Arbitrary File Upload to RCE

CVE ID :CVE-2026-9815 Published : June 18, 2026, 6 a.m. | 5 hours, 42 minutes ago Description :The MagicForm WordPress plugin through 0.1.3 does not properly validate the type of files uploaded through an unauthenticated AJAX action when a form's per-field extension allowlist is left empty, allowing unauthenticated attackers to upload PHP files and execute arbitrary code on the server. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026
VulnerabilitàAlta
CVE-2026-55740 - SQL Injection in Nur-Alam39 bus-ticket bus_info.php via busid parameter

CVE ID :CVE-2026-55740 Published : June 18, 2026, 5:48 a.m. | 5 hours, 54 minutes ago Description :Nur-Alam39 bus-ticket (no released versions; latest commit 459cabdbeb99c00225b26e46e3c2c30ae1de7bad) contains an unauthenticated SQL injection vulnerability in bus_info.php. The busid parameter received via HTTP POST is concatenated directly into a MySQL query (select * from bus_info where id=$busid) without sanitization, escaping, or parameterization, and in a numeric (unquoted) context. A remote, unauthenticated attacker can inject arbitrary SQL — for example a UNION-based payload such as busid=-1 UNION SELECT 1,2,3,4,5,6 — to read arbitrary data from the bus_service database. The application connects to the database as the MySQL root account with an empty password, increasing the potential impact. The query is executed via mysqli_query(), which does not permit stacked (semicolon-separated) statements. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026
VulnerabilitàAlta
CVE-2026-11402 - Services Section Block <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'link' Block Attribute

CVE ID :CVE-2026-11402 Published : June 18, 2026, 5:34 a.m. | 6 hours, 8 minutes ago Description :The Services Section Block – Showcase Service Details in Grid or Columns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'link' Block Attribute in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The payload persists inside HTML comments in post_content, bypassing wp_kses_post sanitization at save time, and executes via both the primary service link anchor and a secondary title-wrapped anchor when the linkIn option is set to 'title'. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026
VulnerabilitàAlta
CVE-2026-11358 - Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More <= 3.0.6 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu-item-icon' Parameter

CVE ID :CVE-2026-11358 Published : June 18, 2026, 5:34 a.m. | 6 hours, 8 minutes ago Description :The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026
VulnerabilitàAlta
CVE-2026-12093 - Simple Membership <= 4.7.5 - Missing Authorization to Unauthenticated Arbitrary Member Account Deactivation via Forged Stripe 'charge.refunded' Webhook

CVE ID :CVE-2026-12093 Published : June 18, 2026, 5:34 a.m. | 4 hours, 8 minutes ago Description :The Simple Membership plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.7.5. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to deactivate arbitrary member accounts by forging a charge.refunded webhook event containing a victim's subscription ID, setting the target member's account_state to 'inactive' and triggering cancellation hooks, transaction-record status changes, and cancellation notification emails. This vulnerability is exploitable only on installations where no Stripe webhook signing secret has been configured, which is the default out-of-the-box state; sites that have configured the stripe-webhook-signing-secret option are routed to the properly verified HMAC path and are not affected. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE18 giu 2026

Pagina 234 di 2096

Resta aggiornato sulla cybersecurity

Iscriviti a CodersRegistry per ricevere gli aggiornamenti più importanti su regolamentazione EU e vulnerabilità critiche.