CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
The JetEngine plugin for WordPress is vulnerable to SQL injection in all versions up to and including 3.8.10.1. The listing_load_more AJAX handler accepts a filtered_query parameter that is not verified in the HMAC signature, allowing for SQL injection.
Avada versions up to 3.15.3 are vulnerable to PHP Object Injection, potentially allowing unauthorized access to the system.
A vulnerability in `nltk.app.wordnet_app` up to version 3.9.3 allows unauthenticated remote shutdown of the local WordNet Browser HTTP server when started in its default mode. The server listens on all interfaces and processes a specific unauthenticated GET request (`/SHUTDOWN%20THE%20SERVER`) to terminate the process immediately.
The Contest Gallery plugin for WordPress is vulnerable to privilege escalation in versions up to and including 30.0.2 via the `RegistryUserRole` parameter. This allows users with author-level access and above to overwrite the `RegistryUserRole` option to `administrator`.
Quanos SCHEMA ST4 on-premises contains a local privilege escalation vulnerability in the Client Update Service. The service runs as SYSTEM and exposes a .NET Remoting interface over a named pipe without sufficient access controls. A low-privileged authenticated user can connect to the interface and invoke update methods, allowing arbitrary file write and delete with SYSTEM privileges.
A local privilege escalation vulnerability in Quanos SCHEMA ST4 on-premises allows an authenticated attacker to execute arbitrary code with SYSTEM privileges via insecure deserialization in the .NET Remoting service.
An authenticated OS command injection vulnerability exists in the BigPond Cable (BPA) WAN configuration module in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges.
An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges.
In Nfc::eventCallback() of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed.
In the tryStartActivity method of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed.
In NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed.
In SettingsLib, there is a possible missing permission check due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed.
In the createSessionInternal method of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to local escalation of privilege if a user can install a malicious app with no additional execution privileges needed.
In the setAllowedCarriers method of PhoneInterfaceManager.java, there is a logic error that may allow disabling carrier restrictions. This could lead to local privilege escalation without the need for additional execution privileges.
In SettingsLib, there is a logic error that may allow disabling system components. This could lead to local escalation of privilege without the need for additional execution privileges.
There is an unauthenticated local file inclusion vulnerability in Truemag versions <= 4.3.14.2.
There is a vulnerability in Roneous versions up to 2.1.5 that allows unauthenticated local file inclusion.
ITactics versions up to 1.0 are vulnerable to unauthenticated local file inclusion. An attacker can exploit this vulnerability to gain access to system files.
Versions of Tipsy up to 1.1 are vulnerable to unauthenticated local file inclusion. An attacker can exploit this vulnerability to gain access to system files.
There is an unauthenticated local file inclusion vulnerability in Resurs <= 1.3 versions.

