CVE-2026-38934 | diskover-community up to 2.3.5 settings_process.php cross-site request forgery

Inserito da Angelo Barbosa | Apr 27, 2026 | CVE

A vulnerability marked as problematic has been reported in diskover-community up to 2.3.5. Affected is an unknown function of the file public/settings_process.php. Performing a manipulation results in cross-site request forgery.

This vulnerability was named CVE-2026-38934. The attack may be initiated remotely. There is no available exploit.

CVE-2026-38934 | diskover-community up to 2.3.5 settings_process.php cross-site request forgery

Post correlati

CVE-2026-1321 | Membership Plugin up to 3.2.18/3.2.20 on WordPress POST Parameter rcp_setup_registration_init rcp_level Remote Code Execution

CVE-2024-31308 | VJInfotech WP Import Export Lite Plugin up to 3.9.26 on WordPress deserialization

CVE-2024-57240 | Apryse WebViewer up to 11.1 Rendering Engine cross site scripting

CVE-2025-10102 | code-projects Online Event Judging System 1.0 /index.php Username sql injection