WordPress database error: [Table 'E7ga6LS3u_options' is read only]
INSERT INTO `E7ga6LS3u_options` (`option_name`, `option_value`, `autoload`) VALUES ('_transient_imunify_security_rules_1782028536_2981757', 'a:2:{s:7:\"version\";s:7:\"0.800.0\";s:5:\"rules\";a:30:{s:21:\"RULE-CVE-2024-7770-02\";a:11:{s:3:\"cve\";s:13:\"CVE-2024-7770\";s:11:\"description\";s:93:\"Bit File Manager <=6.5.5 block direct access to elFinder connector with dangerous file upload\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:8.8;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:12:\"file-manager\";s:8:\"versions\";s:7:\"<=6.5.5\";s:6:\"action\";s:4:\"init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:43:\"~file-manager/libs/elFinder/php/connector~i\";}i:1;a:3:{s:4:\"name\";s:17:\"FILES:upload:name\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:96:\"~\\.(?:ph(?:p[0-9]?|s|tml?|t|ar)|s?html?|cgi|asp|aspx|jsp|jspx|cfm|user\\.ini)$|[\\\\/]\\.htaccess$~i\";}}}s:22:\"RULE-CVE-2025-11220-01\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-11220\";s:11:\"description\";s:100:\"Elementor <=3.33.3 Authenticated (Contributor+) Stored DOM-Based XSS via Text Path widget SVG markup\";s:8:\"cve_link\";s:47:\"https://nvd.nist.gov/vuln/detail/CVE-2025-11220\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:4:{i:0;s:3:\"xss\";i:1;s:10:\"stored-xss\";i:2;s:13:\"svg-injection\";i:3;s:9:\"elementor\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:9:\"elementor\";s:8:\"versions\";s:8:\"<=3.33.3\";s:6:\"method\";s:4:\"POST\";s:11:\"ajax_action\";s:14:\"elementor_ajax\";s:10:\"conditions\";a:3:{i:0;a:3:{s:4:\"name\";s:12:\"ARGS:actions\";s:4:\"type\";s:8:\"contains\";s:5:\"value\";s:9:\"text-path\";}i:1;a:3:{s:4:\"name\";s:12:\"ARGS:actions\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:116:\"~<(?:script|iframe|embed|object|form|meta|link|base)\\b|\\bon(?:error|load|begin|end|click|mouseover|focus|blur)\\s*=~i\";}i:2;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:15:\"unfiltered_html\";}}}s:22:\"RULE-CVE-2025-11924-01\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-11924\";s:11:\"description\";s:88:\"Ninja Forms <=3.13.2 unauthenticated IDOR on ninja-forms-views REST submissions endpoint\";s:8:\"cve_link\";s:47:\"https://nvd.nist.gov/vuln/detail/CVE-2025-11924\";s:8:\"severity\";d:7.5;s:4:\"tags\";a:5:{i:0;s:4:\"idor\";i:1;s:21:\"missing-authorization\";i:2;s:15:\"unauthenticated\";i:3;s:8:\"rest-api\";i:4;s:23:\"sensitive-data-exposure\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:11:\"ninja-forms\";s:8:\"versions\";s:8:\"<=3.13.2\";s:6:\"method\";s:3:\"GET\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:96:\"~(?:^/wp-json|(?:^|&|\\?)rest_route=)/ninja-forms-views/(?:v1/)?forms/\\d+/submissions(?:[/?&]|$)~\";}i:1;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:14:\"manage_options\";}}}s:22:\"RULE-CVE-2025-11924-03\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-11924\";s:11:\"description\";s:107:\"Ninja Forms <=3.13.2 unauthenticated bearer token minting via ninja-forms-views REST token/refresh endpoint\";s:8:\"cve_link\";s:47:\"https://nvd.nist.gov/vuln/detail/CVE-2025-11924\";s:8:\"severity\";d:7.5;s:4:\"tags\";a:5:{i:0;s:21:\"authentication-bypass\";i:1;s:21:\"missing-authorization\";i:2;s:15:\"unauthenticated\";i:3;s:8:\"rest-api\";i:4;s:13:\"token-minting\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:11:\"ninja-forms\";s:8:\"versions\";s:8:\"<=3.13.2\";s:6:\"method\";s:4:\"POST\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:88:\"~(?:^/wp-json|(?:^|&|\\?)rest_route=)/ninja-forms-views/(?:v1/)?token/refresh(?:[/?&]|$)~\";}i:1;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:14:\"manage_options\";}}}s:22:\"RULE-CVE-2025-13977-01\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-13977\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:35:\"essential-addons-for-elementor-lite\";s:8:\"versions\";s:7:\"<=6.5.3\";s:6:\"method\";s:4:\"POST\";s:6:\"action\";s:4:\"init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:22:\"~^/wp-admin/post\\.php~\";}i:1;a:3:{s:4:\"name\";s:20:\"ARGS:_elementor_data\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:73:\"~(?:\\bon\\w+\\s*=|javascript\\s*:|<\\s*script[\\s>]|<\\s*svg[^>]*\\bon\\w+\\s*=)~i\";}}}s:22:\"RULE-CVE-2025-13977-02\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-13977\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:35:\"essential-addons-for-elementor-lite\";s:8:\"versions\";s:7:\"<=6.5.3\";s:6:\"method\";s:4:\"POST\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:79:\"~(?:^/wp-json/wp/v2/posts/\\d+(?:/|\\?|$)|\\?(?:.*&)?rest_route=/wp/v2/posts/\\d+)~\";}i:1;a:3:{s:4:\"name\";s:26:\"ARGS:meta[_elementor_data]\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:74:\"~(?:\\bon\\w+\\s*=|javascript\\s*:|<\\s*script[\\s>]|<\\s*svg[^>]*\\bon\\w+\\s*=)~is\";}}}s:22:\"RULE-CVE-2025-13977-03\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-13977\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:35:\"essential-addons-for-elementor-lite\";s:8:\"versions\";s:7:\"<=6.5.3\";s:6:\"method\";s:3:\"PUT\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:79:\"~(?:^/wp-json/wp/v2/posts/\\d+(?:/|\\?|$)|\\?(?:.*&)?rest_route=/wp/v2/posts/\\d+)~\";}i:1;a:3:{s:4:\"name\";s:26:\"ARGS:meta[_elementor_data]\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:74:\"~(?:\\bon\\w+\\s*=|javascript\\s*:|<\\s*script[\\s>]|<\\s*svg[^>]*\\bon\\w+\\s*=)~is\";}}}s:22:\"RULE-CVE-2025-13977-04\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-13977\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:35:\"essential-addons-for-elementor-lite\";s:8:\"versions\";s:7:\"<=6.5.3\";s:6:\"method\";s:5:\"PATCH\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:79:\"~(?:^/wp-json/wp/v2/posts/\\d+(?:/|\\?|$)|\\?(?:.*&)?rest_route=/wp/v2/posts/\\d+)~\";}i:1;a:3:{s:4:\"name\";s:26:\"ARGS:meta[_elementor_data]\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:74:\"~(?:\\bon\\w+\\s*=|javascript\\s*:|<\\s*script[\\s>]|<\\s*svg[^>]*\\bon\\w+\\s*=)~is\";}}}s:22:\"RULE-CVE-2025-14635-01\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-14635\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:22:\"happy-elementor-addons\";s:8:\"versions\";s:8:\"<=3.20.3\";s:6:\"method\";s:4:\"POST\";s:6:\"action\";s:10:\"admin_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:6:\"equals\";s:5:\"value\";s:18:\"/wp-admin/post.php\";}i:1;a:2:{s:4:\"name\";s:22:\"ARGS:ha_page_custom_js\";s:4:\"type\";s:9:\"detectXSS\";}}}s:22:\"RULE-CVE-2025-14732-01\";a:11:{s:3:\"cve\";s:14:\"CVE-2025-14732\";s:11:\"description\";s:69:\"Elementor <=3.35.5 stored XSS via REST API meta _elementor_data field\";s:8:\"cve_link\";s:47:\"https://nvd.nist.gov/vuln/detail/CVE-2025-14732\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:3:{i:0;s:10:\"stored-xss\";i:1;s:8:\"rest-api\";i:2;s:13:\"authenticated\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:9:\"elementor\";s:8:\"versions\";s:8:\"<=3.35.5\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:3:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:66:\"~(?:^/wp-json|(?:^|&|\\?)rest_route=)/wp/v2/posts/[0-9]+(?:[/?]|$)~\";}i:1;a:3:{s:4:\"name\";s:26:\"ARGS:meta[_elementor_data]\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:78:\"~(?:<script[\\s/>]|on(?:error|load|click|mouseover|focus)\\s*=|javascript\\s*:)~i\";}i:2;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:15:\"unfiltered_html\";}}}s:22:\"RULE-CVE-2025-63077-01\";a:11:{s:3:\"cve\";s:14:\"CVE-2025-63077\";s:11:\"description\";s:163:\"Happy Addons for Elementor <=3.20.3 missing authorization on ha_library_new_post admin action allows contributor+ users to create arbitrary Theme Builder templates\";s:8:\"cve_link\";s:47:\"https://nvd.nist.gov/vuln/detail/CVE-2025-63077\";s:8:\"severity\";d:4.3;s:4:\"tags\";a:3:{i:0;s:21:\"missing-authorization\";i:1;s:21:\"broken-access-control\";i:2;s:20:\"privilege-escalation\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:22:\"happy-elementor-addons\";s:8:\"versions\";s:8:\"<=3.20.3\";s:6:\"action\";s:10:\"admin_init\";s:10:\"conditions\";a:3:{i:0;a:3:{s:4:\"name\";s:11:\"ARGS:action\";s:4:\"type\";s:6:\"equals\";s:5:\"value\";s:19:\"ha_library_new_post\";}i:1;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:31:\"~^/wp-admin/admin\\.php(?:\\?|$)~\";}i:2;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:14:\"manage_options\";}}}s:22:\"RULE-CVE-2025-67588-01\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-67588\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:4.3;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:9:\"elementor\";s:8:\"versions\";s:8:\"<=3.33.0\";s:6:\"method\";s:4:\"POST\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:110:\"~^(?:/wp-json/wp/v2/e-floating-buttons(?:/|\\?|$)|/\\?(?:[^#]*&)?rest_route=/wp/v2/e-floating-buttons(?:/|$|&))~\";}i:1;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:14:\"manage_options\";}}}s:22:\"RULE-CVE-2025-67588-02\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-67588\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:4.3;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:9:\"elementor\";s:8:\"versions\";s:8:\"<=3.33.0\";s:6:\"method\";s:3:\"PUT\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:110:\"~^(?:/wp-json/wp/v2/e-floating-buttons(?:/|\\?|$)|/\\?(?:[^#]*&)?rest_route=/wp/v2/e-floating-buttons(?:/|$|&))~\";}i:1;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:14:\"manage_options\";}}}s:22:\"RULE-CVE-2025-67588-03\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-67588\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:4.3;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:9:\"elementor\";s:8:\"versions\";s:8:\"<=3.33.0\";s:6:\"method\";s:5:\"PATCH\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:110:\"~^(?:/wp-json/wp/v2/e-floating-buttons(?:/|\\?|$)|/\\?(?:[^#]*&)?rest_route=/wp/v2/e-floating-buttons(?:/|$|&))~\";}i:1;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:14:\"manage_options\";}}}s:22:\"RULE-CVE-2025-67588-04\";a:12:{s:3:\"cve\";s:14:\"CVE-2025-67588\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:4.3;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:9:\"elementor\";s:8:\"versions\";s:8:\"<=3.33.0\";s:6:\"method\";s:6:\"DELETE\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:110:\"~^(?:/wp-json/wp/v2/e-floating-buttons(?:/|\\?|$)|/\\?(?:[^#]*&)?rest_route=/wp/v2/e-floating-buttons(?:/|$|&))~\";}i:1;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:14:\"manage_options\";}}}s:21:\"RULE-CVE-2026-1004-02\";a:12:{s:3:\"cve\";s:13:\"CVE-2026-1004\";s:11:\"description\";s:144:\"Essential Addons for Elementor <=6.5.5 unauthenticated sensitive product information exposure via eael_product_quickview_popup AJAX action (GET)\";s:8:\"cve_link\";s:46:\"https://nvd.nist.gov/vuln/detail/CVE-2026-1004\";s:8:\"severity\";d:5.3;s:4:\"tags\";a:4:{i:0;s:21:\"missing-authorization\";i:1;s:23:\"sensitive-data-exposure\";i:2;s:15:\"unauthenticated\";i:3;s:4:\"idor\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:35:\"essential-addons-for-elementor-lite\";s:8:\"versions\";s:7:\"<=6.5.5\";s:6:\"method\";s:3:\"GET\";s:11:\"ajax_action\";s:28:\"eael_product_quickview_popup\";s:10:\"conditions\";a:2:{i:0;a:2:{s:4:\"name\";s:15:\"ARGS:product_id\";s:4:\"type\";s:6:\"exists\";}i:1;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:4:\"read\";}}}s:21:\"RULE-CVE-2026-1210-01\";a:12:{s:3:\"cve\";s:13:\"CVE-2026-1210\";s:11:\"description\";s:109:\"Happy Addons for Elementor <=3.20.7 Stored XSS via Age Gate widget desc/footer_text fields in _elementor_data\";s:8:\"cve_link\";s:46:\"https://nvd.nist.gov/vuln/detail/CVE-2026-1210\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:3:{i:0;s:3:\"xss\";i:1;s:10:\"stored-xss\";i:2;s:16:\"elementor-widget\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:22:\"happy-elementor-addons\";s:8:\"versions\";s:8:\"<=3.20.7\";s:6:\"method\";s:4:\"POST\";s:6:\"action\";s:4:\"init\";s:10:\"conditions\";a:3:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:22:\"~^/wp-admin/post\\.php~\";}i:1;a:3:{s:4:\"name\";s:20:\"ARGS:_elementor_data\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:87:\"~age[_-]?gate[^}]*(?:desc|footer_text)[^}]*<[^>]*(?:on[a-zA-Z]+=|<script|javascript:)~i\";}i:2;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:15:\"unfiltered_html\";}}}s:21:\"RULE-CVE-2026-1210-02\";a:12:{s:3:\"cve\";s:13:\"CVE-2026-1210\";s:11:\"description\";s:105:\"Happy Addons for Elementor <=3.20.7 Stored XSS via SVG Draw widget ha_custom_svg field in _elementor_data\";s:8:\"cve_link\";s:46:\"https://nvd.nist.gov/vuln/detail/CVE-2026-1210\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:4:{i:0;s:3:\"xss\";i:1;s:10:\"stored-xss\";i:2;s:16:\"elementor-widget\";i:3;s:7:\"svg-xss\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:22:\"happy-elementor-addons\";s:8:\"versions\";s:8:\"<=3.20.7\";s:6:\"method\";s:4:\"POST\";s:6:\"action\";s:4:\"init\";s:10:\"conditions\";a:3:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:22:\"~^/wp-admin/post\\.php~\";}i:1;a:3:{s:4:\"name\";s:20:\"ARGS:_elementor_data\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:71:\"~ha_custom_svg[^}]*(?:<script|on[a-zA-Z]+=|javascript:|foreignObject)~i\";}i:2;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:15:\"unfiltered_html\";}}}s:21:\"RULE-CVE-2026-1293-01\";a:12:{s:3:\"cve\";s:13:\"CVE-2026-1293\";s:11:\"description\";s:122:\"Yoast SEO <=26.8 Authenticated (Contributor+) Stored XSS via yoast-schema block attribute in REST API post creation/update\";s:8:\"cve_link\";s:46:\"https://nvd.nist.gov/vuln/detail/CVE-2026-1293\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:4:{i:0;s:3:\"xss\";i:1;s:10:\"stored-xss\";i:2;s:8:\"rest-api\";i:3;s:15:\"gutenberg-block\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:13:\"wordpress-seo\";s:8:\"versions\";s:6:\"<=26.8\";s:6:\"method\";s:4:\"POST\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:3:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:68:\"~(?:^/wp-json|(?:^|&|\\?)rest_route=)/wp/v2/posts(?:/\\d+)?(?:/|\\?|$)~\";}i:1;a:3:{s:4:\"name\";s:12:\"ARGS:content\";s:4:\"type\";s:8:\"contains\";s:5:\"value\";s:12:\"yoast-schema\";}i:2;a:3:{s:4:\"name\";s:12:\"ARGS:content\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:21:\"~<\\s*/\\s*(?i:script)~\";}}}s:21:\"RULE-CVE-2026-1293-02\";a:12:{s:3:\"cve\";s:13:\"CVE-2026-1293\";s:11:\"description\";s:119:\"Yoast SEO <=26.8 Authenticated (Contributor+) Stored XSS via yoast-schema block attribute in admin post form submission\";s:8:\"cve_link\";s:46:\"https://nvd.nist.gov/vuln/detail/CVE-2026-1293\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:4:{i:0;s:3:\"xss\";i:1;s:10:\"stored-xss\";i:2;s:15:\"admin-post-form\";i:3;s:15:\"gutenberg-block\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:13:\"wordpress-seo\";s:8:\"versions\";s:6:\"<=26.8\";s:6:\"method\";s:4:\"POST\";s:6:\"action\";s:4:\"init\";s:10:\"conditions\";a:3:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:22:\"~^/wp-admin/post\\.php~\";}i:1;a:3:{s:4:\"name\";s:12:\"ARGS:content\";s:4:\"type\";s:8:\"contains\";s:5:\"value\";s:12:\"yoast-schema\";}i:2;a:3:{s:4:\"name\";s:12:\"ARGS:content\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:21:\"~<\\s*/\\s*(?i:script)~\";}}}s:21:\"RULE-CVE-2026-1307-01\";a:11:{s:3:\"cve\";s:13:\"CVE-2026-1307\";s:11:\"description\";s:110:\"Ninja Forms <=3.14.1 sensitive information disclosure via REST submissions endpoint accessible to Contributor+\";s:8:\"cve_link\";s:46:\"https://nvd.nist.gov/vuln/detail/CVE-2026-1307\";s:8:\"severity\";d:6.5;s:4:\"tags\";a:3:{i:0;s:22:\"information-disclosure\";i:1;s:21:\"missing-authorization\";i:2;s:8:\"rest-api\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:11:\"ninja-forms\";s:8:\"versions\";s:8:\"<=3.14.1\";s:6:\"action\";s:13:\"rest_api_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:91:\"~(?:^/wp-json|(?:^|&|\\?)rest_route=)/ninja-forms-views/forms/[0-9]+/submissions(?:[/?&]|$)~\";}i:1;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:14:\"manage_options\";}}}s:21:\"RULE-CVE-2026-1314-01\";a:11:{s:3:\"cve\";s:13:\"CVE-2026-1314\";s:11:\"description\";s:144:\"Interactive 3D FlipBook <=1.16.17 missing authorization on fb3d_send_post_pages AJAX action allows unauthenticated post page metadata disclosure\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:5.3;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:46:\"interactive-3d-flipbook-powered-physics-engine\";s:8:\"versions\";s:9:\"<=1.16.17\";s:11:\"ajax_action\";s:20:\"fb3d_send_post_pages\";s:10:\"conditions\";a:1:{i:0;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:10:\"edit_posts\";}}}s:21:\"RULE-CVE-2026-1620-01\";a:11:{s:3:\"cve\";s:13:\"CVE-2026-1620\";s:11:\"description\";s:134:\"Livemesh Addons for Elementor <=9.0 authenticated (Contributor+) Local File Inclusion via template parameter in lae_admin_ajax handler\";s:8:\"cve_link\";s:46:\"https://nvd.nist.gov/vuln/detail/CVE-2026-1620\";s:8:\"severity\";d:8.8;s:4:\"tags\";a:3:{i:0;s:20:\"local-file-inclusion\";i:1;s:14:\"path-traversal\";i:2;s:13:\"authenticated\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:20:\"addons-for-elementor\";s:8:\"versions\";s:5:\"<=9.0\";s:11:\"ajax_action\";s:14:\"lae_admin_ajax\";s:10:\"conditions\";a:1:{i:0;a:3:{s:4:\"name\";s:13:\"ARGS:template\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:104:\"~(?:(?:\\.{2,}/+){2,}|(?:php|phar|data|expect|zip|glob)://|wp-config\\.php|/etc/passwd|\\.htaccess|\\.env)~i\";}}}s:21:\"RULE-CVE-2026-2268-01\";a:12:{s:3:\"cve\";s:13:\"CVE-2026-2268\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:7.5;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:11:\"ninja-forms\";s:8:\"versions\";s:8:\"<=3.14.0\";s:6:\"method\";s:4:\"POST\";s:11:\"ajax_action\";s:14:\"nf_ajax_submit\";s:10:\"conditions\";a:1:{i:0;a:3:{s:4:\"name\";s:13:\"ARGS:formData\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:22:\"~\\{post_meta:[^}]+\\}~i\";}}}s:21:\"RULE-CVE-2026-2268-02\";a:12:{s:3:\"cve\";s:13:\"CVE-2026-2268\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:7.5;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:11:\"ninja-forms\";s:8:\"versions\";s:8:\"<=3.14.0\";s:6:\"method\";s:4:\"POST\";s:11:\"ajax_action\";s:14:\"nf_ajax_submit\";s:10:\"conditions\";a:1:{i:0;a:3:{s:4:\"name\";s:13:\"ARGS:formData\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:22:\"~\\{user_meta:[^}]+\\}~i\";}}}s:21:\"RULE-CVE-2026-2918-01\";a:12:{s:3:\"cve\";s:13:\"CVE-2026-2918\";s:11:\"description\";s:85:\"Happy Elementor Addons <=3.21.0 IDOR + Stored XSS via ha_condition_update AJAX action\";s:8:\"cve_link\";s:46:\"https://nvd.nist.gov/vuln/detail/CVE-2026-2918\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:3:{i:0;s:4:\"idor\";i:1;s:10:\"stored-xss\";i:2;s:21:\"broken-access-control\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:22:\"happy-elementor-addons\";s:8:\"versions\";s:8:\"<=3.21.0\";s:6:\"method\";s:4:\"POST\";s:11:\"ajax_action\";s:19:\"ha_condition_update\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:4:\"ARGS\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:20:\"~[\"\'] *on[a-z]+ *=~i\";}i:1;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:14:\"manage_options\";}}}s:21:\"RULE-CVE-2026-3986-01\";a:12:{s:3:\"cve\";s:13:\"CVE-2026-3986\";s:11:\"description\";s:154:\"Calculated Fields Form <=5.4.5.0 authenticated (Contributor+) stored XSS via form_structure parameter containing unsanitized fcontent in fhtml field types\";s:8:\"cve_link\";s:46:\"https://nvd.nist.gov/vuln/detail/CVE-2026-3986\";s:8:\"severity\";d:6.4;s:4:\"tags\";a:4:{i:0;s:3:\"xss\";i:1;s:6:\"stored\";i:2;s:13:\"authenticated\";i:3;s:25:\"insufficient-sanitization\";}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:22:\"calculated-fields-form\";s:8:\"versions\";s:9:\"<=5.4.5.0\";s:6:\"method\";s:4:\"POST\";s:6:\"action\";s:10:\"admin_init\";s:10:\"conditions\";a:2:{i:0;a:3:{s:4:\"name\";s:19:\"ARGS:form_structure\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:137:\"~(?:<script[\\s/>]|\\bon(?:error|load|mouseover|click|focus|blur)\\s*=|javascript\\s*:|<iframe[\\s/>]|<svg[\\s/>]|<object[\\s/>]|<embed[\\s/>])~i\";}i:1;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:15:\"unfiltered_html\";}}}s:21:\"RULE-CVE-2026-4790-01\";a:11:{s:3:\"cve\";s:13:\"CVE-2026-4790\";s:11:\"description\";s:96:\"Premium Addons for Elementor <=4.11.70 contributor+ stored XSS via custom_svg parameter (CWE-79)\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:5.4;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:6:\"plugin\";s:4:\"slug\";s:28:\"premium-addons-for-elementor\";s:8:\"versions\";s:9:\"<=4.11.70\";s:6:\"action\";s:4:\"init\";s:10:\"conditions\";a:3:{i:0;a:3:{s:4:\"name\";s:11:\"REQUEST_URI\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:28:\"~/wp-admin/admin-ajax\\.php~i\";}i:1;a:3:{s:4:\"name\";s:15:\"ARGS:custom_svg\";s:4:\"type\";s:5:\"regex\";s:5:\"value\";s:149:\"~(?:<script[\\s/>]|\\son(?:load|error|click|mouseover|focus|animationstart|animationend)\\s*=|javascript\\s*:|<iframe[\\s/>]|<embed[\\s/>]|<object[\\s/>])~i\";}i:2;a:2:{s:4:\"type\";s:18:\"missing_capability\";s:5:\"value\";s:15:\"unfiltered_html\";}}}s:14:\"TEST-HEARTBEAT\";a:11:{s:3:\"cve\";s:14:\"TEST-HEARTBEAT\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:0.1;s:4:\"tags\";a:0:{}s:4:\"mode\";s:4:\"pass\";s:6:\"target\";s:4:\"core\";s:4:\"slug\";s:0:\"\";s:8:\"versions\";s:7:\">=1.0.0\";s:6:\"action\";s:4:\"init\";s:10:\"conditions\";a:1:{i:0;a:2:{s:4:\"type\";s:13:\"probabilistic\";s:5:\"value\";s:6:\"0.0001\";}}}s:9:\"TEST-RULE\";a:11:{s:3:\"cve\";s:8:\"TEST-CVE\";s:11:\"description\";s:0:\"\";s:8:\"cve_link\";s:0:\"\";s:8:\"severity\";d:2;s:4:\"tags\";a:0:{}s:4:\"mode\";s:5:\"block\";s:6:\"target\";s:4:\"core\";s:4:\"slug\";s:0:\"\";s:8:\"versions\";s:7:\">=1.0.0\";s:6:\"action\";s:4:\"init\";s:10:\"conditions\";a:1:{i:0;a:3:{s:4:\"name\";s:14:\"ARGS:test-rule\";s:4:\"type\";s:6:\"equals\";s:5:\"value\";s:36:\"b3d45e60-53a5-4959-b911-5178baaef7ac\";}}}}}', 'off') ON DUPLICATE KEY UPDATE `option_name` = VALUES(`option_name`), `option_value` = VALUES(`option_value`), `autoload` = VALUES(`autoload`)