Lucene search
K

4 matches found

NVD
NVD
added 2026/06/24 7:16 a.m.10 views

CVE-2026-9175

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.0. This is due to the getsingleaccount REST API callback being registered with a permissioncallback that unconditionally returns tru...

5.3CVSS0.00348EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.35 views

CVE-2026-9175 Devs Accounting <= 1.2.0 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'id' Parameter

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.0. This is due to the getsingleaccount REST API callback being registered with a permissioncallback that unconditionally returns tru...

5.3CVSS0.00348EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 5:33 a.m.10 views

EUVD-2026-38659

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.0. This is due to the getsingleaccount REST API callback being registered with a permissioncallback that unconditionally returns tru...

5.3CVSS6AI score0.00348EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.15 views

PT-2026-51691

Name of the Vulnerable Software and Affected Versions Devs Accounting – Simple Accounting and Invoicing Solution versions prior to 1.2.1 Description The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress contains a missing authorization flaw. The get single account...

5.3CVSS5.7AI score0.00348EPSS
Exploits0References8
Rows per page
Query Builder