Skip to content

Commit 300be78

Browse files
1 parent 0e55724 commit 300be78

7 files changed

Lines changed: 420 additions & 0 deletions

File tree

Lines changed: 96 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,96 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-73vw-76h4-g45m",
4+
"modified": "2026-06-27T03:31:13Z",
5+
"published": "2026-06-27T03:31:12Z",
6+
"aliases": [
7+
"CVE-2026-13422"
8+
],
9+
"details": "The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce validation on the hdq_validate_nonce function. This makes it possible for unauthenticated attackers to delete or modify quizzes and questions, create new quizzes, and change plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-13422"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L155"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L179"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L53"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L68"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L7"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L87"
45+
},
46+
{
47+
"type": "WEB",
48+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/functions.php#L39"
49+
},
50+
{
51+
"type": "WEB",
52+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L155"
53+
},
54+
{
55+
"type": "WEB",
56+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L179"
57+
},
58+
{
59+
"type": "WEB",
60+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L53"
61+
},
62+
{
63+
"type": "WEB",
64+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L68"
65+
},
66+
{
67+
"type": "WEB",
68+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L7"
69+
},
70+
{
71+
"type": "WEB",
72+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L87"
73+
},
74+
{
75+
"type": "WEB",
76+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/functions.php#L39"
77+
},
78+
{
79+
"type": "WEB",
80+
"url": "https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.2/includes/functions.php#L40"
81+
},
82+
{
83+
"type": "WEB",
84+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c886ce5a-0633-4892-9471-c1a7ee858c93?source=cve"
85+
}
86+
],
87+
"database_specific": {
88+
"cwe_ids": [
89+
"CWE-352"
90+
],
91+
"severity": "MODERATE",
92+
"github_reviewed": false,
93+
"github_reviewed_at": null,
94+
"nvd_published_at": "2026-06-27T02:16:29Z"
95+
}
96+
}
Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-cc9f-rh6g-8362",
4+
"modified": "2026-06-27T03:31:12Z",
5+
"published": "2026-06-27T03:31:12Z",
6+
"aliases": [
7+
"CVE-2026-13331"
8+
],
9+
"details": "The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'search' parameter in all versions up to, and including, 4.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with marketer-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-13331"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/api/v4/base-object-api.php#L488"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/db/db.php#L330"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/db/db.php#L395"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/db/steps.php#L231"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/db/steps.php#L254"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3586389%40groundhogg&new=3586389%40groundhogg&sfp_email=&sfph_mail="
45+
},
46+
{
47+
"type": "WEB",
48+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20ee6bc7-2732-4da3-b005-a971d12b0e32?source=cve"
49+
}
50+
],
51+
"database_specific": {
52+
"cwe_ids": [
53+
"CWE-89"
54+
],
55+
"severity": "MODERATE",
56+
"github_reviewed": false,
57+
"github_reviewed_at": null,
58+
"nvd_published_at": "2026-06-27T02:16:28Z"
59+
}
60+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-h9qh-pc26-3235",
4+
"modified": "2026-06-27T03:31:12Z",
5+
"published": "2026-06-27T03:31:12Z",
6+
"aliases": [
7+
"CVE-2025-59868"
8+
],
9+
"details": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit application information to then attempt additional attacks and cause unknown behavior in the application.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59868"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0131419"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-532"
30+
],
31+
"severity": "MODERATE",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-27T02:16:28Z"
35+
}
36+
}
Lines changed: 72 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,72 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-jwpp-v8v4-wh67",
4+
"modified": "2026-06-27T03:31:12Z",
5+
"published": "2026-06-27T03:31:12Z",
6+
"aliases": [
7+
"CVE-2026-11356"
8+
],
9+
"details": "The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'menu_title' and 'menu_magnifier_color' Settings in all versions up to, and including, 5.5.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11356"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.14/admin/class-is-settings-fields.php#L249"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.14/public/class-is-public.php#L1199"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.14/public/class-is-public.php#L222"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.14/public/class-is-public.php#L263"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.15/admin/class-is-settings-fields.php#L249"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.15/public/class-is-public.php#L1199"
45+
},
46+
{
47+
"type": "WEB",
48+
"url": "https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.15/public/class-is-public.php#L222"
49+
},
50+
{
51+
"type": "WEB",
52+
"url": "https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.15/public/class-is-public.php#L263"
53+
},
54+
{
55+
"type": "WEB",
56+
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3583051%40add-search-to-menu&new=3583051%40add-search-to-menu&sfp_email=&sfph_mail="
57+
},
58+
{
59+
"type": "WEB",
60+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab004836-8362-46d6-acfc-80f582605b43?source=cve"
61+
}
62+
],
63+
"database_specific": {
64+
"cwe_ids": [
65+
"CWE-79"
66+
],
67+
"severity": "MODERATE",
68+
"github_reviewed": false,
69+
"github_reviewed_at": null,
70+
"nvd_published_at": "2026-06-27T02:16:28Z"
71+
}
72+
}
Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-qmp7-mx7r-2rf4",
4+
"modified": "2026-06-27T03:31:12Z",
5+
"published": "2026-06-27T03:31:12Z",
6+
"aliases": [
7+
"CVE-2026-13333"
8+
],
9+
"details": "The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via 'query[select]' Parameter in all versions up to, and including, 4.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Sales Representative-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. The sanitized Contact_Query code path can be bypassed by supplying an invalid filter type (e.g., query[filters][0][0][type]=invalid_filter_nonexistent), causing a FilterException to be caught and execution to fall through to the unsanitized Legacy_Contact_Query path.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-13333"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/api/v3/contacts-api.php#L287"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/includes/contact-query.php#L2585"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/includes/legacy-contact-query.php#L708"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/includes/legacy-contact-query.php#L753"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3586389%40groundhogg&new=3586389%40groundhogg&sfp_email=&sfph_mail="
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4a0c04fe-7a9f-4a3f-ba2c-3bdcb5dec060?source=cve"
45+
}
46+
],
47+
"database_specific": {
48+
"cwe_ids": [
49+
"CWE-89"
50+
],
51+
"severity": "MODERATE",
52+
"github_reviewed": false,
53+
"github_reviewed_at": null,
54+
"nvd_published_at": "2026-06-27T02:16:28Z"
55+
}
56+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-vp5c-23j8-3fh2",
4+
"modified": "2026-06-27T03:31:12Z",
5+
"published": "2026-06-27T03:31:12Z",
6+
"aliases": [
7+
"CVE-2023-37524"
8+
],
9+
"details": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service.  Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerable third-party components.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37524"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0131418"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-1104"
30+
],
31+
"severity": "HIGH",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-27T02:16:27Z"
35+
}
36+
}

0 commit comments

Comments
 (0)