Vulnerabilidades em withstudiocms
7 resultadosCVE-2026-30944HIGHStudioCMS Affected by Privilege Escalation via Insecure API Token GenerationEPSS 0.6%CVE-2026-30945HIGHStudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of ServiceEPSS 0.5%CVE-2026-32638LOWStudioCMS REST getUsers Exposes Owner Account Records to Admin TokensEPSS 0.4%CVE-2026-32103MEDIUMStudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link GenerationEPSS 0.3%CVE-2026-32106MEDIUMStudioCMS: REST API Missing Rank Check Allows Admin to Create Peer Admin AccountsEPSS 0.3%CVE-2026-24134MEDIUMStudioCMS has an Authorization Bypass Through User-Controlled KeyEPSS 0.3%CVE-2026-32104MEDIUMStudioCMS: IDOR in User Notification Preferences Allows Any Authenticated User to Modify Any User's SettingsEPSS 0.3%