105 matches found
PT-2024-12999 · Peprodev · Peprodev Cf7 Database
Name of the Vulnerable Software and Affected Versions: PeproDev CF7 Database versions 1.8.0 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the PeproDev CF7 Database, allowing unauthorized actions to be performed on behalf of a user without their knowledge or consent...
CVE-2024-32518
Missing Authorization vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 2.0.0...
CVE-2024-32518 WordPress PeproDev Ultimate Invoice plugin <= 2.0.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 2.0.0...
CVE-2024-32518 WordPress PeproDev Ultimate Invoice plugin <= 2.0.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 2.0.0...
PT-2024-24636 · Peprodev · Peprodev Ultimate Invoice
Name of the Vulnerable Software and Affected Versions: PeproDev Ultimate Invoice versions n/a through 2.0.0 Description: The issue is related to a Missing Authorization vulnerability in PeproDev Ultimate Invoice. Recommendations: For PeproDev Ultimate Invoice versions n/a through 2.0.0, at the...
WordPress Plugin PeproDev Ultimate Invoice 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress PeproDev CF7 Database plugin <= 1.8.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by FearZzZz Patchstack Alliance in WordPress Plugin PeproDev CF7 Database versions = 1.8.0...
WordPress PeproDev CF7 Database Plugin <= 1.8.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software PeproDev CF7 Database Type Plugin Vulnerable versions = 1.8.0 Fixed in 1.9.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41864 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3d141a658694 Credits RE-ALTER...
WordPress PeproDev Ultimate Invoice plugin <= 2.0.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin PeproDev Ultimate Invoice versions = 2.0.0...
WordPress PeproDev Ultimate Invoice Plugin <= 2.0.0 is vulnerable to Broken Access Control
Software PeproDev Ultimate Invoice Type Plugin Vulnerable versions = 2.0.0 Fixed in 2.0.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32518 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID f03a4beba6e1 Credits Abdi Pranata...
CVE-2024-25933
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7...
CVE-2024-25933 WordPress PeproDev Ultimate Invoice plugin <= 1.9.7 - Sensitive Data Exposure vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7...
CVE-2024-25933 WordPress PeproDev Ultimate Invoice plugin <= 1.9.7 - Sensitive Data Exposure vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7...
CVE-2024-25933
CVE-2024-25933 concerns PeproDev Ultimate Invoice plugin for WordPress. Public details in connected sources indicate unauthenticated exposure of sensitive information via the init_plugin path, affecting PeproDev Ultimate Invoice versions up to 1.9.7. The NVD metrics assign a high base score (7.5)...
WordPress Plugin PeproDev Ultimate Invoice Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2024-21227 · Peprodev · Peprodev Ultimate Invoice
Name of the Vulnerable Software and Affected Versions: PeproDev Ultimate Invoice versions 1.9.7 and earlier Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This is a problem where sensitive data is made available to individuals who should not...
PeproDev Ultimate Invoice < 1.9.8 - Unauthenticated Arbitrary Invoice Access
Description The plugin is vulnerable to Sensitive Information Exposure via the 'initplugin' function. This makes it possible for unauthenticated attackers to generate PDF or ZIP files of arbitrary invoices and extract sensitive data...
WordPress PeproDev Ultimate Invoice Plugin <= 1.9.7 is vulnerable to Sensitive Data Exposure
Software PeproDev Ultimate Invoice Type Plugin Vulnerable versions = 1.9.7 Fixed in 1.9.8 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-25933 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 06191f6ec08b Credits Abdi Pranata...
CVE-2023-41863
Unauth. Stored Cross-Site Scripting XSS vulnerability in Pepro Dev. Group PeproDev CF7 Database plugin = 1.7.0 versions...
CVE-2023-41863 WordPress PeproDev CF7 Database Plugin <= 1.7.0 is vulnerable to Cross Site Scripting (XSS)
Unauth. Stored Cross-Site Scripting XSS vulnerability in Pepro Dev. Group PeproDev CF7 Database plugin = 1.7.0 versions...