Publish Advisories

GHSA-3cch-wj7f-8g8x
GHSA-2gmw-2prf-4jf5
GHSA-3vcr-g3hm-2qr2
GHSA-4w7x-xp7v-5wc2
GHSA-5cr3-m7xx-pv5v
GHSA-5mxp-jr6r-r378
GHSA-7fvw-v44w-rxj9
GHSA-8xj5-wfhm-66px
GHSA-f474-j5g7-2pch
GHSA-gr8m-rq4x-q7c8
GHSA-hwr5-vgw5-5q99
GHSA-p356-q857-c7qx
GHSA-pfxv-5cjm-vgpg
GHSA-rcpv-9747-gv3q
GHSA-wm9p-h6hw-5vx8
GHSA-x8v6-ww3x-gccf
GHSA-xg9f-423r-vcp9
GHSA-xw7j-84mx-6v67

Author: advisory-database[bot]

advisories/unreviewed/2022/11/GHSA-3cch-wj7f-8g8x/GHSA-3cch-wj7f-8g8x.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3cch-wj7f-8g8x",
-  "modified": "2024-06-17T15:30:36Z",
+  "modified": "2026-04-08T06:31:27Z",
   "published": "2022-11-10T19:01:07Z",
   "aliases": [
     "CVE-2022-45063"
@@ -74,6 +74,10 @@
     {
       "type": "WEB",
       "url": "http://www.openwall.com/lists/oss-security/2024/06/17/1"
+    },
+    {
+      "type": "WEB",
+      "url": "http://www.openwall.com/lists/oss-security/2026/04/08/1"
     }
   ],
   "database_specific": {

advisories/unreviewed/2026/04/GHSA-2gmw-2prf-4jf5/GHSA-2gmw-2prf-4jf5.json

@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2gmw-2prf-4jf5",
+  "modified": "2026-04-08T06:31:27Z",
+  "published": "2026-04-08T06:31:27Z",
+  "aliases": [
+    "CVE-2026-4379"
+  ],
+  "details": "The LightPress Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `group` attribute in the `[gallery]` shortcode in all versions up to, and including, 2.3.4. This is due to the plugin modifying gallery shortcode output to include the `group` attribute value without proper escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4379"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/wp-jquery-lightbox/tags/2.3.4/lightboxes/wp-jquery-lightbox/class-wp-jquery-lightbox.php#L376"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/wp-jquery-lightbox/tags/2.3.4/lightboxes/wp-jquery-lightbox/class-wp-jquery-lightbox.php#L395"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?old_path=/wp-jquery-lightbox/tags/2.3.4&new_path=/wp-jquery-lightbox/tags/2.3.5"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2bed4818-70c5-40b7-8d8d-f43f3baa0f3d?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-08T04:17:09Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-3vcr-g3hm-2qr2/GHSA-3vcr-g3hm-2qr2.json

@@ -0,0 +1,39 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3vcr-g3hm-2qr2",
+  "modified": "2026-04-08T06:31:28Z",
+  "published": "2026-04-08T06:31:28Z",
+  "aliases": [
+    "CVE-2026-5083"
+  ],
+  "details": "Ado::Sessions versions through 0.935 for Perl generates insecure session ids.\n\nThe session id is generated from a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\n\nPredicable session ids could allow an attacker to gain access to systems.\n\nNote that Ado is no longer maintained, and has been removed from the CPAN index. It is still available on BackPAN.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5083"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/kberov/Ado/issues/112"
+    },
+    {
+      "type": "WEB",
+      "url": "https://backpan.perl.org/authors/id/B/BE/BEROV/Ado-0.935.tar.gz"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-338"
+    ],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-08T06:16:29Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-4w7x-xp7v-5wc2/GHSA-4w7x-xp7v-5wc2.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-4w7x-xp7v-5wc2",
+  "modified": "2026-04-08T06:31:28Z",
+  "published": "2026-04-08T06:31:28Z",
+  "aliases": [
+    "CVE-2026-33273"
+  ],
+  "details": "Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, an arbitrary file may be created by an administrator of the product. As a result, arbitrary code may be executed on the server.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33273"
+    },
+    {
+      "type": "WEB",
+      "url": "https://jvn.jp/en/jp/JVN33581068"
+    },
+    {
+      "type": "WEB",
+      "url": "https://oss.icz.co.jp/news/?p=1386"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-434"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-08T06:16:28Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-5cr3-m7xx-pv5v/GHSA-5cr3-m7xx-pv5v.json

@@ -0,0 +1,88 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5cr3-m7xx-pv5v",
+  "modified": "2026-04-08T06:31:27Z",
+  "published": "2026-04-08T06:31:27Z",
+  "aliases": [
+    "CVE-2026-3646"
+  ],
+  "details": "The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to Missing Authorization via the plugin's webhook handler in all versions up to, and including, 3.3.13. This is due to missing authentication, authorization, and nonce verification on a standalone PHP file that directly processes GET parameters and updates WordPress options. This makes it possible for unauthenticated attackers to modify the plugin's subscription plan settings, effectively downgrading the store from a paid plan to the Trial Plan, changing the store type, and manipulating subscription expiration dates, potentially disabling premium features such as Dropship and Hazardous Material handling.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3646"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/tags/3.3.11/en-hit-to-update-plan.php#L32"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/tags/3.3.11/en-hit-to-update-plan.php#L33"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/tags/3.3.11/en-hit-to-update-plan.php#L40"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/tags/3.3.11/en-hit-to-update-plan.php#L43"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/tags/3.3.11/en-hit-to-update-plan.php#L46"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/tags/3.3.11/en-hit-to-update-plan.php#L49"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/trunk/en-hit-to-update-plan.php#L32"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/trunk/en-hit-to-update-plan.php#L33"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/trunk/en-hit-to-update-plan.php#L40"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/trunk/en-hit-to-update-plan.php#L43"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/trunk/en-hit-to-update-plan.php#L46"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/ltl-freight-quotes-rl-edition/trunk/en-hit-to-update-plan.php#L49"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3492361%40ltl-freight-quotes-rl-edition&new=3492361%40ltl-freight-quotes-rl-edition&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a144c9ae-dfdb-4ea2-8c27-84d59439c72a?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-862"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-08T05:16:06Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-5mxp-jr6r-r378/GHSA-5mxp-jr6r-r378.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5mxp-jr6r-r378",
+  "modified": "2026-04-08T06:31:27Z",
+  "published": "2026-04-08T06:31:27Z",
+  "aliases": [
+    "CVE-2026-3239"
+  ],
+  "details": "The Strong Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's testimonial_view shortcode in all versions up to, and including, 3.2.21 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3239"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3470120/strong-testimonials"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/88d769cd-bea8-42e4-80a8-a77c0699b50c?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-08T05:16:05Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-7fvw-v44w-rxj9/GHSA-7fvw-v44w-rxj9.json

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7fvw-v44w-rxj9",
+  "modified": "2026-04-08T06:31:27Z",
+  "published": "2026-04-08T06:31:27Z",
+  "aliases": [
+    "CVE-2026-4333"
+  ],
+  "details": "The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'skin' attribute of the learn_press_courses shortcode in all versions up to and including 4.3.3. This is due to insufficient input sanitization and output escaping on the 'skin' shortcode attribute. The attribute value is used directly in an sprintf() call that generates HTML (class attribute and data-layout attribute) without any esc_attr() escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4333"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/Shortcodes/Courses/ListCoursesShortcode.php#L55"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/Shortcodes/Courses/ListCoursesShortcode.php#L76"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/learnpress/trunk/inc/Shortcodes/Courses/ListCoursesShortcode.php#L55"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/learnpress/trunk/inc/Shortcodes/Courses/ListCoursesShortcode.php#L76"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3494377%40learnpress&new=3494377%40learnpress&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/15fb0a26-e415-4ccb-b83d-d8f7b36bce66?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-08T05:16:06Z"
+  }
+}