| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Subscriber Broken Access Control in Restaurant Menu by MotoPress <= 2.4.11 versions. |
| Unauthenticated Broken Access Control in Gutenverse Companion <= 2.5.0 versions. |
| Unauthenticated Broken Access Control in Newsletters <= 4.13 versions. |
| Unauthenticated Broken Access Control in Paymob for WooCommerce <= 4.1.2 versions. |
| Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions. |
| Unauthenticated Broken Access Control in MailChimp Block <= 1.1.15 versions. |
| In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings |
| Contributor Broken Access Control in Forget About Shortcode Buttons <= 2.1.3 versions. |
| In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags |
| Unauthenticated Broken Access Control in Flash & HTML5 Video <= 2.11.0 versions. |
| In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint |
| In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible |
| Unauthenticated Broken Access Control in Donation Thermometer <= 2.2.7 versions. |
| Contributor Broken Access Control in SEOPress PRO <= 9.1.1 versions. |
| Contributor Broken Access Control in Live Copy Paste for Elementor <= 1.5.3 versions. |
| Unauthenticated Broken Access Control in Syncee Premium Dropshipping & Wholesale <= 1.0.27 versions. |
| Subscriber Broken Access Control in MasterStudy LMS <= 3.7.30 versions. |
| LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/files/images endpoint allows any authenticated user to upload files into any agent's tool_resources (e.g., context, execute_code) without verifying ownership or EDIT permission on the target agent. A permission check was added to the POST /api/files route in a previous patch, but the image upload route was never updated with the same check. An attacker can simply use the image endpoint instead of the file endpoint to bypass the authorization entirely. This vulnerability is fixed in 0.8.4-rc1. |
| FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, a query-construction flaw in client list endpoints allowed authenticated clients to bypass tenant scoping and retrieve other clients’ data. Details
In ServiceTransaction::getSearchQuery() and Order\Service::getSearchQuery(), OR-based search/action filters were appended without grouping, allowing SQL operator precedence to evaluate OR clauses independently of the enforced client_id constraint. Crafted requests could therefore return records and metadata belonging to other clients, including identifiers, amounts, status, timestamps, and related fields. This issue was fixed in version 0.8.0. |
| Unauthenticated Broken Access Control in Booking and Rental Manager <= 2.7.1 versions. |
