28 matches found
CVE-2026-39584
CVE-2026-39584 documents a Broken Access Control vulnerability in the WordPress RepairBuddy plugin, affecting versions
CVE-2026-24638 WordPress RepairBuddy plugin <= 4.1121 - Broken Access Control vulnerability
Missing Authorization vulnerability in Webful Creations RepairBuddy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RepairBuddy: from n/a through 4.1121...
WordPress RepairBuddy plugin <= 4.1121 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin RepairBuddy versions = 4.1121...
WordPress plugin RepairBuddy 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-39586 WordPress RepairBuddy plugin <= 4.1132 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Retrieve Embedded Sensitive Data.This issue affects RepairBuddy: from n/a through = 4.1132...
WordPress plugin RepairBuddy 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-3567
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 4.1132. The plugin exposes two AJAX handlers that, when combined, allow any authenticated user to modify admin-level plugin settings. First, the...
WordPress RepairBuddy plugin <= 4.1132 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via wc_rep_shop_settings_submission AJAX Action vulnerability
Missing Authorization to Authenticated Subscriber+ Plugin Settings Modification via wcrepshopsettingssubmission AJAX Action vulnerability discovered by WordFence in WordPress Plugin RepairBuddy versions = 4.1132...
CVE-2026-3567
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 4.1132. The plugin exposes two AJAX handlers that, when combined, allow any authenticated user to modify admin-level plugin settings. First, the...
CVE-2026-3567 RepairBuddy <= 4.1132 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via wc_rep_shop_settings_submission AJAX Action
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 4.1132. The plugin exposes two AJAX handlers that, when combined, allow any authenticated user to modify admin-level plugin settings. First, the...
CVE-2026-3567
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 4.1132. The plugin exposes two AJAX handlers that, when combined, allow any authenticated user to modify admin-level plugin settings. First, the...
PT-2026-26721
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 4.1132. The plugin exposes two AJAX handlers that, when combined, allow any authenticated user to modify admin-level plugin settings. First, the wc rb get...
CVE-2026-0820
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference due to missing capability checks on the wcuploadandsavesignaturehandler function in all versions up to, and including, 4.1116. This makes it possible for...
CVE-2026-0820
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference due to missing capability checks on the wcuploadandsavesignaturehandler function in all versions up to, and including, 4.1116. This makes it possible for...
EUVD-2026-3150
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference due to missing capability checks on the wcuploadandsavesignaturehandler function in all versions up to, and including, 4.1116. This makes it possible for...
CVE-2026-0820 RepairBuddy <= 4.1116 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Signature Upload to Orders
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference due to missing capability checks on the wcuploadandsavesignaturehandler function in all versions up to, and including, 4.1116. This makes it possible for...
CVE-2026-0820 RepairBuddy <= 4.1116 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Signature Upload to Orders
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference due to missing capability checks on the wcuploadandsavesignaturehandler function in all versions up to, and including, 4.1116. This makes it possible for...
CVE-2026-0820
CVE-2026-0820 (RepairBuddy
EUVD-2024-50723
Malicious code in bioql PyPI...
Exploit for Unrestricted Upload of File with Dangerous Type in Webfulcreations Computer_Repair_Shop
Wordpress Computer Repair Shop = 3.8115 - Unauthenticated Arb...