6 matches found
CVE-2026-57412
The CVE-2026-57412 entry concerns the WordPress Gift Vouchers plugin (versions up to 4.6.9). The vulnerability is described as a Missing Authorization issue caused by Incorrectly Configured Access Control Security Levels, i.e., a Broken Access Control vulnerability. Affected component: gift-vouch...
WordPress Gift Vouchers plugin <= 4.7.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by xwii in WordPress Plugin Gift Vouchers versions = 4.7.0...
WordPress Gift Vouchers plugin <= 4.6.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by dodoh4t in WordPress Plugin Gift Vouchers versions = 4.6.9...
WordPress Gift Cards plugin <= 4.4.9 - Missing Authorization to Unauthenticated Price, Date, and Note Updates vulnerability
Missing Authorization to Unauthenticated Price, Date, and Note Updates vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Gift Vouchers versions = 4.4.9...
VulnCheck KEV: CVE-2018-16159
The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the templateid parameter in a wp-admin/admin-ajax.php wpgvdoajaxfronttemplate request...
CVE-2018-16159
The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the templateid parameter in a wp-admin/admin-ajax.php wpgvdoajaxfronttemplate request...