CVE-2026-13544 | Feehi CMS up to 2.1.1 API /api/users information disclosure (Issue 88)

Inserito da Angelo Barbosa | Giu 28, 2026 | CVE

A vulnerability identified as problematic has been detected in Feehi CMS up to 2.1.1. Affected by this issue is some unknown functionality of the file /api/users of the component API. This manipulation causes information disclosure.

This vulnerability is handled as CVE-2026-13544. The attack can be initiated remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-13544 | Feehi CMS up to 2.1.1 API /api/users information disclosure (Issue 88)

Post correlati

CVE-2024-6054 | Auto Featured Image Plugin up to 1.2 on WordPress unrestricted upload

CVE-2024-25292 | RenderTune 1.1.4 Upload Title cross site scripting

CVE-2025-24361 | Nuxt up to 3.15.2 on Vue routine (GHSA-4gf7-ff8x-hq99)

CVE-2025-40722 | Flatboard Pro up to 3.2.1 /config.php/tags replace cross site scripting