Tag

Authenticated

4 briefs RSS

CVE-2026-7465: Spectra Gutenberg Blocks WordPress Plugin Remote Code Execution

The Spectra Gutenberg Blocks WordPress plugin is vulnerable to remote code execution, allowing authenticated attackers with Contributor access or higher to execute arbitrary code by crafting a malicious two-block payload within post content.

Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin wordpress rce plugin authenticated

2r 1t 1c 3w ago

high advisory

CVE-2026-42406 - F5 BIG-IP and BIG-IQ Authenticated Remote Code Execution

2 rules 2 TTPs 1 CVE

CVE-2026-42406 allows a highly privileged, authenticated attacker with the Certificate Manager role to modify configuration objects in F5 BIG-IP and BIG-IQ systems, leading to arbitrary command execution.

BIG-IP +1 cve cve-2026-42406 f5 big-iq rce authenticated privilege escalation

2r 2t 1c May 13, 2026

high advisory

CVE-2026-41957: F5 BIG-IP and BIG-IQ Authenticated Remote Code Execution Vulnerability

2 rules 1 TTP 1 CVE

An authenticated remote code execution vulnerability (CVE-2026-41957) exists in the F5 BIG-IP and BIG-IQ Configuration utility, potentially leading to arbitrary code execution on affected systems.

BIG-IP +1 cve-2026-41957 rce f5 big-iq authenticated deserialization

2r 1t 1c May 13, 2026

high advisory

CVE-2021-47937: e107 CMS Authenticated Remote Code Execution via Theme Upload

2 rules 2 TTPs 1 CVE

e107 CMS 2.3.0 contains a remote code execution vulnerability (CVE-2021-47937) that allows authenticated users with theme installation permissions to execute arbitrary commands by uploading malicious theme files, leading to arbitrary code execution on the server.

e107 CMS 2.3.0 cve rce e107 web-shell authenticated CVE-2021-47937

2r 2t 1c May 10, 2026