{"source":"circl-vulnerability-lookup","name":"CIRCL Vulnerability-Lookup","kind":"widget","via":"native","records":[{"id":"cve-0","title":"","value":"cve-0","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-0","props":{"cveId":"cve-0","assigner":"","published":"","description":""}},{"id":"cve-1","title":"","value":"cve-1","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-1","props":{"cveId":"cve-1","assigner":"","published":"","description":""}},{"id":"cve-2","title":"","value":"cve-2","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-2","props":{"cveId":"cve-2","assigner":"","published":"","description":""}},{"id":"cve-3","title":"","value":"cve-3","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-3","props":{"cveId":"cve-3","assigner":"","published":"","description":""}},{"id":"cve-4","title":"","value":"cve-4","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-4","props":{"cveId":"cve-4","assigner":"","published":"","description":""}},{"id":"CVE-2026-15982","title":"Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit <= 2.8.4 - Unauthenticated Privilege Escalation via 'aiomatic_call_google_ai_fu","value":"CVE-2026-15982","subtitle":"Wordfence · 2026-07-17","href":"https://www.cve.org/CVERecord?id=CVE-2026-15982","props":{"cveId":"CVE-2026-15982","assigner":"Wordfence","published":"2026-07-17T05:35:58.570Z","description":"The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'aiomatic_call_google_ai_function' function. This makes it possible for unauthenticated attackers to leverage the 'aimogen_wp_god_mode' tool to clear function blacklists and execute arbitrary PHP functions, such as creating administrator accounts."}},{"id":"CVE-2026-15094","title":"WP Hotel Booking <= 2.3.2 - Reflected Cross-Site Scripting via 'check_in_date' Parameter","value":"CVE-2026-15094","subtitle":"Wordfence · 2026-07-17","href":"https://www.cve.org/CVERecord?id=CVE-2026-15094","props":{"cveId":"CVE-2026-15094","assigner":"Wordfence","published":"2026-07-17T05:35:59.119Z","description":"The WP Hotel Booking plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'check_in_date' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."}},{"id":"CVE-2026-10649","title":"Pacemaker: pacemaker: denial of service via integer overflow in remote message decompression","value":"CVE-2026-10649","subtitle":"redhat · 2026-06-16","href":"https://www.cve.org/CVERecord?id=CVE-2026-10649","props":{"cveId":"CVE-2026-10649","assigner":"redhat","published":"2026-06-16T15:57:38.911Z","description":"A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial of service (DoS) in the CIB remote listener. This can result in the affected service crashing."}},{"id":"cve-8","title":"","value":"cve-8","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-8","props":{"cveId":"cve-8","assigner":"","published":"","description":""}},{"id":"cve-9","title":"","value":"cve-9","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-9","props":{"cveId":"cve-9","assigner":"","published":"","description":""}},{"id":"cve-10","title":"","value":"cve-10","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-10","props":{"cveId":"cve-10","assigner":"","published":"","description":""}},{"id":"cve-11","title":"","value":"cve-11","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-11","props":{"cveId":"cve-11","assigner":"","published":"","description":""}},{"id":"cve-12","title":"","value":"cve-12","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-12","props":{"cveId":"cve-12","assigner":"","published":"","description":""}},{"id":"cve-13","title":"","value":"cve-13","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-13","props":{"cveId":"cve-13","assigner":"","published":"","description":""}},{"id":"cve-14","title":"","value":"cve-14","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-14","props":{"cveId":"cve-14","assigner":"","published":"","description":""}},{"id":"cve-15","title":"","value":"cve-15","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-15","props":{"cveId":"cve-15","assigner":"","published":"","description":""}},{"id":"cve-16","title":"","value":"cve-16","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-16","props":{"cveId":"cve-16","assigner":"","published":"","description":""}},{"id":"cve-17","title":"","value":"cve-17","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-17","props":{"cveId":"cve-17","assigner":"","published":"","description":""}},{"id":"cve-18","title":"","value":"cve-18","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-18","props":{"cveId":"cve-18","assigner":"","published":"","description":""}},{"id":"cve-19","title":"","value":"cve-19","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-19","props":{"cveId":"cve-19","assigner":"","published":"","description":""}},{"id":"cve-20","title":"","value":"cve-20","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-20","props":{"cveId":"cve-20","assigner":"","published":"","description":""}},{"id":"cve-21","title":"","value":"cve-21","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-21","props":{"cveId":"cve-21","assigner":"","published":"","description":""}},{"id":"cve-22","title":"","value":"cve-22","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-22","props":{"cveId":"cve-22","assigner":"","published":"","description":""}},{"id":"cve-23","title":"","value":"cve-23","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-23","props":{"cveId":"cve-23","assigner":"","published":"","description":""}},{"id":"cve-24","title":"","value":"cve-24","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-24","props":{"cveId":"cve-24","assigner":"","published":"","description":""}},{"id":"cve-25","title":"","value":"cve-25","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-25","props":{"cveId":"cve-25","assigner":"","published":"","description":""}},{"id":"cve-26","title":"","value":"cve-26","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-26","props":{"cveId":"cve-26","assigner":"","published":"","description":""}},{"id":"cve-27","title":"","value":"cve-27","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-27","props":{"cveId":"cve-27","assigner":"","published":"","description":""}},{"id":"cve-28","title":"","value":"cve-28","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-28","props":{"cveId":"cve-28","assigner":"","published":"","description":""}},{"id":"cve-29","title":"","value":"cve-29","subtitle":"","href":"https://www.cve.org/CVERecord?id=cve-29","props":{"cveId":"cve-29","assigner":"","published":"","description":""}}],"count":30,"generated_at":"2026-07-17T07:03:08.464Z"}