CVE-2026-32279 | opensource-workshop connect-cms up to 1.41.0/2.41.0 server-side request forgery (GHSA-jh46-85jr-6ph9)

Inserito da Angelo Barbosa | Mar 24, 2026 | CVE

A vulnerability marked as critical has been reported in opensource-workshop connect-cms up to 1.41.0/2.41.0. This affects an unknown function. This manipulation causes server-side request forgery.

This vulnerability is tracked as CVE-2026-32279. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-32279 | opensource-workshop connect-cms up to 1.41.0/2.41.0 server-side request forgery (GHSA-jh46-85jr-6ph9)

Post correlati

CVE-2024-7221 | SourceCodester School Log Management System 1.0 /admin/manage_user.php id sql injection

CVE-2025-20059 | Ping Identity PingAM Java Policy Agent up to 5.10.3/2023.11.1/2024.9 path traversal

CVE-2024-6489 | Getwid Plugin up to 2.0.10 on WordPress Google API Key authorization

CVE-2024-30543 | UPQODE Whizzy Plugin up to 1.1.18 on WordPress authorization