CVE-2025-68571 WordPress SALESmanago plugin <= 3.9.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in SALESmanago SALESmanago & Leadoo salesmanago allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALESmanago & Leadoo: from n/a through = 3.9.0...

CVE-2025-68571

CVE-2025-68571 : A missing/incorrectly configured authorization risk in SALESmanago & Leadoo (SALESmanago plugin for WordPress) allows access control bypass. Affected: SALESmanago & Leadoo (salesmanago) versions up to 3.9.0 and earlier; CVSS v3.1 base score 5.3 (Medium) with Network attack vector...

CVE-2025-68571 WordPress SALESmanago plugin <= 3.9.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in SALESmanago SALESmanago & Leadoo salesmanago allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALESmanago & Leadoo: from n/a through = 3.9.0...

WordPress plugin SALESmanago 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

EUVD-2023-54775

Malicious code in bioql PyPI...

WordPress SALESmanago Plugin <= 3.8.1 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Nabil Irawan in WordPress Plugin SALESmanago versions = 3.8.1...

CVE-2025-57970 WordPress SALESmanago Plugin <= 3.8.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in SALESmanago SALESmanago & Leadoo salesmanago allows Cross Site Request Forgery.This issue affects SALESmanago & Leadoo: from n/a through = 3.8.1...

CVE-2025-57970

Technical details for CVE-2025-57970 are not provided in the connected documents. A related SALESmanago item (CVE-2025-57971) mentions missing authorization, but does not provide CVE-2025-57970 specifics; monitor for updates.

CVE-2025-57970 WordPress SALESmanago Plugin <= 3.8.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in SALESmanago SALESmanago & Leadoo allows Cross Site Request Forgery.This issue affects SALESmanago & Leadoo: from n/a through 3.8.1...

CVE-2025-57971

SALESmanago & Leadoo WordPress plugin (CVE-2025-57971) contains a Missing Authorization flaw in configurations of access control. Affected versions include 3.8.1 and earlier. CVSS 3.1 base score 5.3 (Network, Low attack complexity, no privileges required, no user interaction). The issue enables a...

CVE-2025-57971 WordPress SALESmanago Plugin <= 3.8.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in SALESmanago SALESmanago & Leadoo salesmanago allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALESmanago & Leadoo: from n/a through = 3.8.1...

CVE-2025-57971 WordPress SALESmanago Plugin <= 3.8.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in SALESmanago SALESmanago & Leadoo salesmanago allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALESmanago & Leadoo: from n/a through = 3.8.1...

WordPress plugin SALESmanago 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

CVE-2023-4939

The SALESmanago plugin for WordPress is vulnerable to Log Injection in versions up to, and including, 3.2.4. This is due to the use of a weak authentication token for the /wp-json/salesmanago/v1/callbackApiV3 API endpoint which is simply a SHA1 hash of the site URL and client ID found in the page...