CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

58 matches found

EUVD•added 2026/04/08 9:31 a.m.•0 views

EUVD-2026-20205

Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.10...

5.9AI score0.0004EPSS

Exploits0References2

NVD•added 2026/04/08 9:16 a.m.•2 views

CVE-2026-39562

5.3CVSS0.0004EPSS

Exploits0References1

Cvelist•added 2026/04/08 8:30 a.m.•18 views

CVE-2026-39562 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.10 - Broken Access Control vulnerability

5.3CVSS0.0004EPSS

Exploits0References1

CVE•added 2026/04/08 8:30 a.m.•3 views

CVE-2026-39562

CVE-2026-39562 is a Missing Authorization (Broken Access Control) vulnerability in the BoldGrid Client Invoicing by Sprout Invoices WordPress plugin (sprout-invoices) affecting Client Invoicing by Sprout Invoices from n/a through 20.8.10. The Red Hat and ENISA records duplicate the description. C...

5.3CVSS5.9AI score0.0004EPSS

Exploits0References1

ATTACKERKB•added 2026/04/08 8:30 a.m.•3 views

CVE-2026-39562

5.9AI score0.0004EPSS

Exploits0References2

Vulnrichment•added 2026/04/08 8:30 a.m.•2 views

CVE-2026-39562 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.10 - Broken Access Control vulnerability

5.8AI score0.0004EPSS

Exploits0References1

Positive Technologies•added 2026/04/08 12:0 a.m.•1 views

PT-2026-31153

5.9AI score0.0004EPSS

Exploits0References3

CNNVD•added 2026/04/08 12:0 a.m.•3 views

WordPress plugin Client Invoicing by Sprout Invoices 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.0004EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:17 p.m.•2 views

CVE-2026-32401

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows PHP Local File Inclusion.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.9...

7.2CVSS5.8AI score0.00157EPSS

Exploits0References1

Patchstack•added 2026/03/19 10:1 a.m.•2 views

WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Client Invoicing by Sprout Invoices versions = 20.8.10...

5.9AI score0.0004EPSS

Exploits0Affected Software1

EUVD•added 2026/03/13 9:31 p.m.•1 views

EUVD-2026-11918

5.8AI score0.00157EPSS

Exploits0References2

NVD•added 2026/03/13 7:54 p.m.•1 views

CVE-2026-32401

7.2CVSS0.00157EPSS

Exploits0References1

ATTACKERKB•added 2026/03/13 11:42 a.m.•1 views

CVE-2026-32401

5.8AI score0.00157EPSS

Exploits0References2

CVE•added 2026/03/13 11:42 a.m.•4 views

CVE-2026-32401

The CVE-2026-32401 entry concerns the WordPress plugin WordPress Client Invoicing by Sprout Invoices (Sprout Invoices) affecting versions up to 20.8.9. It is caused by an improper control of the filename used in PHP include/require statements, leading to PHP Local File Inclusion (LFI). The vulner...

7.2CVSS5.8AI score0.00157EPSS

Exploits0References1

Vulnrichment•added 2026/03/13 11:42 a.m.•1 views

CVE-2026-32401 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.9 - Local File Inclusion vulnerability

7.2CVSS5.8AI score0.00157EPSS

Exploits0References1

Positive Technologies•added 2026/03/13 12:0 a.m.•2 views

PT-2026-25247

5.8AI score0.00157EPSS

Exploits0References3

NVD•added 2026/02/19 9:16 a.m.•2 views

CVE-2026-25364