Lucene search
+L

62 matches found

Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.10 views

PT-2025-44258

Name of the Vulnerable Software and Affected Versions BoldGrid Client Invoicing by Sprout Invoices versions through 20.8.7 Description An issue exists in Client Invoicing by Sprout Invoices related to incorrectly configured access control security levels, potentially allowing unauthorized access...

4.3CVSS6.6AI score0.00172EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2021-11699

Malware in sbrugna...

4.8CVSS5AI score0.00598EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-3810

Malicious code in bioql PyPI...

6.4CVSS8.7AI score0.00255EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-52151

Malicious code in bioql PyPI...

5.3CVSS8.7AI score0.00478EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:0 p.m.5 views

CVE-2025-24606

Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.1...

7.2AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:14 a.m.10 views

CVE-2024-53819

Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.0...

5.3CVSS7.2AI score0.00478EPSS
Exploits0References1
NVD
NVD
added 2025/01/27 3:15 p.m.7 views

CVE-2025-24606

Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.1...

6.4CVSS0.00255EPSS
Exploits0References1
CVE
CVE
added 2025/01/27 2:22 p.m.46 views

CVE-2025-24606

CVE-2025-24606: Missing Authorization in WordPress plugin Client Invoicing by Sprout Invoices (Sprout Invoices) — Broken Access Control allowing unauthorized access/privilege escalation in Client Invoicing by Sprout Invoices

6.4CVSS7.2AI score0.00255EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/27 2:22 p.m.4 views

CVE-2025-24606 WordPress Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress plugin <=20.8.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.1...

6.4CVSS7.2AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.3 views

WordPress plugin Client Invoicing by Sprout Invoices 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin...

6.4CVSS8.1AI score0.00255EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.8 views

PT-2025-5442 · Sprout Invoices · Client Invoicing

Name of the Vulnerable Software and Affected Versions: Client Invoicing by Sprout Invoices versions prior to 20.8.1 Description: The issue is related to a lack of authorization in Client Invoicing by Sprout Invoices, allowing the exploitation of incorrectly configured access control security...

6.4CVSS9.5AI score0.00255EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/12/27 2:45 p.m.3 views

WordPress Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress plugin <=20.8.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Client Invoicing by Sprout Invoices versions = 20.8.1...

6.4CVSS7AI score0.00255EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/12/09 1:15 p.m.21 views

CVE-2024-53819

Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.0...

5.3CVSS0.00478EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 12:26 p.m.62 views

CVE-2024-53819

CVE-2024-53819: Missing Authorization (IDOR) vulnerability in WordPress plugin Sprout Invoices – Client Invoicing by Sprout Invoices, affected versions up to 20.8.0. Root cause: insecure direct object references due to missing authorization. Impact: unauthorized access to client invoicing data as...

5.3CVSS7.2AI score0.00478EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.7 views

PT-2024-35934 · Sprout Invoices · Sprout Invoices Client Invoicing

Name of the Vulnerable Software and Affected Versions: Sprout Invoices Client Invoicing by Sprout Invoices versions through 20.8.0 Description: The issue is related to a Missing Authorization vulnerability. This allows for unauthorized access. Recommendations: For versions through 20.8.0, update ...

5.3CVSS6.8AI score0.00478EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

WordPress plugin Client Invoicing by Sprout Invoices 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin...

5.3CVSS8.3AI score0.00478EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/12/02 11:48 a.m.3 views

WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin Client Invoicing by Sprout Invoices versions = 20.8.0...

5.3CVSS7AI score0.00478EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2023/11/14 12:0 a.m.3 views

WordPress Client Invoicing by Sprout Invoices Plugin <= 20.5.3 is vulnerable to Sensitive Data Exposure

Software Client Invoicing by Sprout Invoices Type Plugin Vulnerable versions = 20.5.3 Fixed in 20.5.4 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 18a5d45d6ab3 Credits Unknown Requir...

6.9AI score
Exploits0References2Affected Software1
NVD
NVD
added 2021/11/17 11:15 a.m.13 views

CVE-2021-24787

The Client Invoicing by Sprout Invoices WordPress plugin before 19.9.7 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS0.00598EPSS
Exploits2References1
Prion
Prion
added 2021/11/17 11:15 a.m.10 views

Cross site scripting

The Client Invoicing by Sprout Invoices WordPress plugin before 19.9.7 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

3.5CVSS4.7AI score0.00598EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder