CVE-2026-44547 | ChurchCRM up to 7.3.0 public-user.php improper authentication (GHSA-cwp8-rm8g-q5c9)

Inserito da Angelo Barbosa | Mag 13, 2026 | CVE

A vulnerability classified as critical was found in ChurchCRM up to 7.3.0. This vulnerability affects unknown code of the file src/api/routes/public/public-user.php. Executing a manipulation can lead to improper authentication.

The identification of this vulnerability is CVE-2026-44547. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-44547 | ChurchCRM up to 7.3.0 public-user.php improper authentication (GHSA-cwp8-rm8g-q5c9)

Post correlati

CVE-2025-12280 | code-projects Client Details System 1.0 /update-clients.php cross site scripting

CVE-2026-20189 | Cisco Prime Infrastructure up to 3.10.6 Download Service API authorization (cisco-sa-pi-unauth-infodiscl-LFnLgmey)

CVE-2022-49355 | Linux Kernel up to 5.18.3 xen_xlate_map_ballooned_pages initialization

CVE-2024-6398 | Skyhigh Secure Web Gateway prior 11.2.23/12.2.10 on Windows SWG information disclosure