Known Vulnerabilities for Custom API For WP by MiniOrange
Listed below are 10 of the newest known vulnerabilities associated with "Custom API For WP" by "MiniOrange".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-60088 json | PraisonAI before 4.6.78 fails to validate file path references in custom command templates, allowing attackers to read files ... | Not Provided | 2026-07-11 | 2026-07-13 |
| CVE-2026-59821 json | LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.82.0-stable, LiteLLM's Custo... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-59180 json | Apprise is an open source library which allows you to send a notification to almost all of the most popular notification serv... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-59093 json | Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds the permissions granted by t... | Not Provided | 2026-07-02 | 2026-07-06 |
| CVE-2026-58480 json | Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-58468 json | NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest wrapper that allows authent... | Not Provided | 2026-07-07 | 2026-07-08 |
| CVE-2026-58057 json | Flowise before 3.1.3 validates Custom MCP stdio environment variables against a denylist using a case-sensitive comparison, s... | Not Provided | 2026-06-28 | 2026-06-29 |
| CVE-2026-58013 json | A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend() in the giochannel.c file when a cu... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-57879 json | An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and ... | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-57687 json | Contributor SQL Injection in Custom Field Template <= 2.7.8 versions. | Not Provided | 2026-07-02 | 2026-07-02 |