Lucene search
K

4 matches found

NVD
NVD
added 2026/06/24 7:16 a.m.11 views

CVE-2026-9175

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.0. This is due to the getsingleaccount REST API callback being registered with a permissioncallback that unconditionally returns tru...

5.3CVSS0.00348EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 5:33 a.m.15 views

CVE-2026-9172

WordPress plugin Devs Accounting – Simple Accounting and Invoicing Solution (versions up to 1.2.0) is vulnerable to unauthorized modification/deletion of data due to a missing capability check in delete_single_account(), with the REST route devs-accounting/v1/delete-account/(?P\d+) registered wit...

5.3CVSS6AI score0.00227EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 5:33 a.m.10 views

EUVD-2026-38659

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.0. This is due to the getsingleaccount REST API callback being registered with a permissioncallback that unconditionally returns tru...

5.3CVSS6AI score0.00348EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51690

Name of the Vulnerable Software and Affected Versions Devs Accounting – Simple Accounting and Invoicing Solution versions prior to 1.2.1 Description A missing capability check in the delete single account function allows unauthorized modification or deletion of data. The REST route...

5.3CVSS5.9AI score0.00227EPSS
Exploits0References9
Rows per page
Query Builder