28 matches found
WordPress Actionwear products sync plugin missing authorization vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A missing authorization vulnerability exists in the WordPress Actionwear products sync plugin, no details of the vulnerability are provided at this time...
CVE-2025-49350
Missing Authorization vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Actionwear products sync: from n/a through = 2.3.3...
EUVD-2025-202042
Missing Authorization vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Actionwear products sync: from n/a through = 2.3.3...
CVE-2025-49350
Missing Authorization vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Actionwear products sync: from n/a through = 2.3.3...
CVE-2025-49350 WordPress Actionwear products sync plugin <= 2.3.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Actionwear products sync: from n/a through = 2.3.3...
CVE-2025-49350 WordPress Actionwear products sync plugin <= 2.3.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Actionwear products sync: from n/a through = 2.3.3...
CVE-2025-49350
The CVE-2025-49350 entry concerns the WordPress Actionwear products sync plugin (versions up to 2.3.3). The root cause is a missing authorization due to incorrectly configured access control, leading to a broken access control vulnerability. Affected software is the Actionwear products sync plugi...
WordPress plugin Actionwear products sync 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A missing authorization vulnerability exists in the WordPress Actionwear products sync plugin, no details of the vulnerability are provided at this time...
PT-2025-49985
Missing Authorization vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Actionwear products sync: from n/a through = 2.3.3...
WordPress Actionwear products sync plugin <= 2.3.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Actionwear products sync versions = 2.3.3...
EUVD-2025-4849
Malicious code in bioql PyPI...
EUVD-2025-9440
Malicious code in bioql PyPI...
CVE-2025-31619
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows SQL Injection.This issue affects Actionwear products sync: from n/a through = 2.3.3...
CVE-2025-31619
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows SQL Injection.This issue affects Actionwear products sync: from n/a through = 2.3.3...
CVE-2025-31619
CVE-2025-31619 involves an SQL Injection in Actionwear products sync (WordPress plugin). The vulnerability arises from improper handling of SQL commands in the affected component, allowing an authenticated attacker to influence SQL queries. Affected software: Actionwear products sync, versions up...
CVE-2025-31619 WordPress Actionwear products sync plugin <= 2.3.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows SQL Injection.This issue affects Actionwear products sync: from n/a through = 2.3.3...
CVE-2025-31619 WordPress Actionwear products sync plugin <= 2.3.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows SQL Injection.This issue affects Actionwear products sync: from n/a through = 2.3.3...
WordPress plugin Actionwear products sync SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress Actionwear products sync plugin <= 2.3.3 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Dimas Maulana in WordPress Plugin Actionwear products sync versions = 2.3.3...
CVE-2024-13535
The Actionwear products sync plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.3.2. This is due the composer-setup.php file being publicly accessible with 'displayerrors' set to true. This makes it possible for unauthenticated attackers to retrieve...