CVE-2026-27835 | wger-project wger up to 2.4 authorization (GHSA-xf68-8hjw-7mpm)

Inserito da Angelo Barbosa | Feb 27, 2026 | CVE

A vulnerability categorized as problematic has been discovered in wger-project wger up to 2.4. This vulnerability affects the function RepetitionsConfigViewSet/MaxRepetitionsConfigViewSet. Executing a manipulation can lead to authorization bypass.

This vulnerability is handled as CVE-2026-27835. The attack can be executed remotely. There is not any exploit available.

It is advisable to implement a patch to correct this issue.

CVE-2026-27835 | wger-project wger up to 2.4 authorization (GHSA-xf68-8hjw-7mpm)

Post correlati

CVE-2023-28465 | FHIR Core Libraries prior 5.6.106 on CVE package-decompression path traversal (GHSA-9654-pr4f-gh6m)

CVE-2024-34511 | Gradio up to 4.12 Server _is_server_fn Privilege Escalation

CVE-2025-11477 | SourceCodester Wedding Reservation Management System 1.0 /global.php User sql injection

CVE-2023-34007 | WPChill Download Monitor Plugin up to 4.8.3 on WordPress unrestricted upload