Medium CVE-2026-9008 The Page-list plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.2. This is due to the pagelist_unqprfx_ext_shortcode() function (the [pagelist_ext] / [pagelistext] shortcode) accepting attacker-controlled post_status, post_type,...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[Medium] CVE-2026-9008 – The Page-list plugin for WordPress is vulnerable to Missing Authorization in all...

VERWANDTEARTIKEL

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available

OWASP CVE Lite CLI – New Tool to Scan for Vulnerabilities in Your Projects

[High] CVE-2026-8901 – The Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity For...

[Medium] CVE-2026-9281 – The Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Buil...

[High] CVE-2026-8438 – The All-In-One Security (AIOS) – Security and Firewall plugin for WordPress is v...

[Medium] CVE-2026-8900 – The Simple SEO Slideshow plugin for WordPress is vulnerable to Stored Cross-Site...