CVE-2026-21627 | Tassos Novarain com_ajax access control

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability labeled as critical has been found in Tassos Novarain, Framework, Convert Forms, EngageBox, Google Structured Data, Advanced Custom Fields and Smile Pack. The impacted element is an unknown function of the component com_ajax. The manipulation results in improper access controls.

This vulnerability is reported as CVE-2026-21627. The attack can be launched remotely. No exploit exists.

CVE-2026-21627 | Tassos Novarain com_ajax access control

Post correlati

CVE-2024-6016 | itsourcecode Online Laundry Management System 1.0 admin_class.php id sql injection

CVE-2025-6464 | Forminator Forms Plugin up to 1.44.2 on WordPress PHAR File Parser entry_delete_upload_files deserialization

CVE-2025-14711 | FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0 hotelList.php pickedHotelName/type sql injection

CVE-2026-2011 | itsourcecode Student Management System 1.0 controller.php ID sql injection