0.0
CVE-2026-30778 - Apache SkyWalking: The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configurat…
The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL. This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0. Users are recommended to upgrade to version 10.4.0, which fixes the issue.
0.0
CVE-2026-40786 - WordPress MyRewards plugin <= 5.7.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyRewards: from n/a through <= 5.7.3.
0.0
CVE-2026-40784 - WordPress FluentBoards plugin <= 1.91.2 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentBoards: from n/a through <= 1.91.2.
0.0
CVE-2026-40778 - WordPress Majestic Support plugin <= 1.1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Majestic Support Majestic Support majestic-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Majestic Support: from n/a through <= 1.1.2.
0.0
CVE-2026-40764 - WordPress Contact Form by WPForms plugin <= 1.10.0.2 - Cross Site Request Forgery (CSRF) vulnerabil…
Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through <= 1.10.0.2.