14 matches found
Exploit for CVE-2026-3891
███████╗██████╗ ██╗███████╗███╗ ██╗██████╗ ███████╗ ██╔═...
Exploit for CVE-2026-3891
CVE-2026-3891 Pix for WooCommerce = 1.5.0 - Unauthenticate...
CVE-2026-3891
The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation in the 'lknpixforwoocommercec6savesettings' function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated...
EUVD-2026-11760
The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation in the 'lknpixforwoocommercec6savesettings' function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated...
Exploit for CVE-2026-3891
Pix for WooCommerce 📜 Description...
CVE-2026-3891
The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation in the 'lknpixforwoocommercec6savesettings' function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated...
CVE-2026-3891 Pix for WooCommerce <= 1.5.0 - Unauthenticated Arbitrary File Upload
The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation in the 'lknpixforwoocommercec6savesettings' function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated...
CVE-2026-3891 Pix for WooCommerce <= 1.5.0 - Unauthenticated Arbitrary File Upload
The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation in the 'lknpixforwoocommercec6savesettings' function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated...
CVE-2026-3891
The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation in the 'lknpixforwoocommercec6savesettings' function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated...
CVE-2026-3891
CVE-2026-3891 affects the Pix for WooCommerce WordPress plugin. The issue is an unauthenticated arbitrary file upload in the lkn_pix_for_woocommerce_c6_save_settings endpoint (and related nonce generation flow), caused by missing capability checks and file-type validation in all versions up to 1....
WordPress Pix for WooCommerce plugin <= 1.5.0 - Unauthenticated Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload vulnerability discovered by Alexis Lafontaine in WordPress Plugin Pix for WooCommerce versions = 1.5.0...
PT-2026-25155
Name of the Vulnerable Software and Affected Versions Pix for WooCommerce versions up to and including 1.5.0 Description The Pix for WooCommerce plugin for WordPress is susceptible to arbitrary file uploads. This is due to a missing capability check and a lack of file type validation within the l...
WordPress plugin Pix for WooCommerce 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2025-60189 WordPress PoloPag – Pix Automático para Woocommerce plugin <= 2.0.9 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PoloPag PoloPag – Pix Automático para Woocommerce wc-polo-payments allows PHP Local File Inclusion.This issue affects PoloPag – Pix Automático para Woocommerce: from n/a through ...