CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/04/29 12:16 p.m.•1 views

CVE-2026-42645

4.3CVSS0.00017EPSS

Vulnrichment•added 2026/04/29 10:40 a.m.•0 views

CVE-2026-42645 WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.11.0 - Cross Site Request Forgery (CSRF) vulnerability

Cvelist•added 2026/04/29 10:40 a.m.•22 views

CVE-2026-42645 WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.11.0 - Cross Site Request Forgery (CSRF) vulnerability

4.3CVSS0.00017EPSS

CVE•added 2026/04/29 10:40 a.m.•2 views

CVE-2026-42645

CVE-2026-42645 affects the WordPress plugin Barcode Scanner with Inventory & Order Manager (component: barcode-scanner-lite-pos-to-manage-products-inventory-and-orders) for versions up to 1.11.0 . The issue is a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to trigg...

EUVD•added 2026/04/29 10:40 a.m.•0 views

EUVD-2026-26216

ATTACKERKB•added 2026/04/29 10:40 a.m.•0 views

CVE-2026-42645

CNNVD•added 2026/04/29 12:0 a.m.•5 views

Exploits0References2

WordPress Plugin Barcode Scanner with Inventory & Order Manager 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.00017EPSS

Positive Technologies•added 2026/04/29 12:0 a.m.•0 views

PT-2026-35904

Patchstack•added 2026/04/16 9:5 a.m.•3 views

WordPress Barcode Scanner (+Mobile App) plugin <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication vulnerability

Unauthenticated Privilege Escalation via Insecure Token Authentication vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Barcode Scanner with Inventory & Order Manager versions = 1.11.0...

Exploits0References1Affected Software1

EUVD•added 2026/04/16 12:54 a.m.•0 views

EUVD-2026-23136

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

NVD•added 2026/04/16 12:16 a.m.•2 views

Exploits0References4

CVE-2026-4880

9.8CVSS0.00076EPSS

CNNVD•added 2026/04/16 12:0 a.m.•5 views

WordPress plugin Barcode Scanner 安全漏洞

Cvelist•added 2026/04/15 11:25 p.m.•31 views

CVE-2026-4880 Barcode Scanner (+Mobile App) <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication

9.8CVSS0.00076EPSS

Vulnrichment•added 2026/04/15 11:25 p.m.•1 views

CVE-2026-4880 Barcode Scanner (+Mobile App) <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication

CVE•added 2026/04/15 11:25 p.m.•4 views

CVE-2026-4880

The CVE concerns the WordPress plugin Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS, affected up to version 1.11.0. The root cause is insecure token-based authentication where the plugin trusts a user-supplied Base64-encoded user ID in the token parameter to ide...

ATTACKERKB•added 2026/04/15 11:25 p.m.•4 views

CVE-2026-4880

Positive Technologies•added 2026/04/15 12:0 a.m.•2 views

Exploits0References4

PT-2026-33185

RedhatCVE•added 2025/11/07 5:33 p.m.•1 views

Exploits0References4

CVE-2025-58972

Path Traversal: '.../...//' vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Path Traversal.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through =...

7.2CVSS7AI score0.00108EPSS

NVD•added 2025/11/06 4:16 p.m.•1 views

CVE-2025-58972

7.2CVSS0.00108EPSS