Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 8 hours ago5 views

CVE-2026-9172

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to unauthorized modification/deletion of data due to a missing capability check on the deletesingleaccount function in versions up to, and including, 1.2.0. The REST route...

5.3CVSS
Exploits0References3
CVE
CVEadded 9 hours ago7 views

CVE-2026-9172

WordPress plugin Devs Accounting – Simple Accounting and Invoicing Solution (versions up to 1.2.0) is vulnerable to unauthorized modification/deletion of data due to a missing capability check in delete_single_account(), with the REST route devs-accounting/v1/delete-account/(?P\d+) registered wit...

5.3CVSS6AI score
Exploits0References3
CVE
CVEadded 9 hours ago4 views

CVE-2026-9175

The CVE concerns the WordPress plugin Devs Accounting – Simple Accounting and Invoicing Solution, affected versions up to 1.2.0. The root cause is a REST endpoint get-account in get_single_account() where the permission_callback unconditionally returns true, resulting in missing authorization for...

5.3CVSS6AI score
Exploits0References3
EUVD
EUVDadded 9 hours ago3 views

EUVD-2026-38659

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.0. This is due to the getsingleaccount REST API callback being registered with a permissioncallback that unconditionally returns tru...

5.3CVSS6AI score
Exploits0References3
Patchstack
Patchstackadded 2025/08/20 9:24 a.m.4 views

WordPress Hesabfa Accounting plugin <= 2.2.5 - Sensitive Data Exposure via Log File vulnerability

Sensitive Data Exposure via Log File vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Hesabfa Accounting versions = 2.2.5...

5.3CVSS6.8AI score0.00285EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/08/20 9:23 a.m.3 views

WordPress Hesabfa Accounting plugin <= 2.2.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Hesabfa Accounting versions = 2.2.5...

5.4CVSS6.8AI score0.00127EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/03/27 10:59 a.m.2 views

WordPress Hesabfa Accounting plugin <= 2.1.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Hesabfa Accounting versions = 2.1.8...

4.3CVSS7AI score0.0019EPSS
Exploits0Affected Software1
Cvelist
Cvelistadded 2024/03/29 6:43 a.m.23 views

CVE-2024-0913 WP ERP <= 1.13.0 - Authenticated (Accounting Manager+) SQL Injection

The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to time-based SQL Injection via the erp/v1/accounting/v1/transactions/sales REST API endpoint in all versions up to, and including, 1.13.0 due to insufficient escapi...

7.2CVSS7.3AI score0.00615EPSS
Exploits0References3
OSV
OSVadded 2017/12/14 2:51 p.m.5 views

SUSE-SU-2017:3311-1 Security update for slurm

This update for slurm fixes the following issues: Slurm was updated to 17.02.9 to fix a security bug, bringing new features and bugfixes fate323998 bsc1067580. Security issue fixed: CVE-2017-15566: Fix security issue in Prolog and Epilog by always prepending SPANK to all user-set environment...

7.8CVSS8.8AI score0.00578EPSS
Exploits0References7
Rows per page
Query Builder