57 matches found
EUVD-2026-23136
The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...
CVE-2026-4880
The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...
CVE-2026-4880 Barcode Scanner (+Mobile App) <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication
The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...
CVE-2026-4880
The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...
CVE-2026-4880
The CVE concerns the WordPress plugin Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS, affected up to version 1.11.0. The root cause is insecure token-based authentication where the plugin trusts a user-supplied Base64-encoded user ID in the token parameter to ide...
PT-2026-33185
The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...
CVE-2023-49673
A cross-site request forgery CSRF vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password...
CVE-2025-58972 WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.10.4 - Path Traversal vulnerability
Path Traversal: '.../...//' vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Path Traversal.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through =...
WordPress Plugin Security Scanner Plugin <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Plugin Security Scanner versions = 2.0.2...
WordPress plugin Barcode Scanner with Inventory & Order Manager 路径遍历漏洞
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exists in the WordPress plugin Barcode Scanner with Inventory & Order...
WordPress plugin Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Malcure...
CVE-2025-53653
Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...
CVE-2025-53653
Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...
CVE-2025-53653
Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...
CVE-2025-53653
CVE-2025-53653 affects Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier. The vulnerability arises from unencrypted storage of Aqua API Scanner Tokens in job config.xml files on the Jenkins controller, making tokens viewable by users with Item/Extended Read permission or anyone with access t...
CVE-2025-53653
Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...
CVE-2023-44240
Cross-Site Request Forgery CSRF vulnerability in Peter Butler Timthumb Vulnerability Scanner plugin = 1.54 versions...
WordPress Qr Code and Barcode Scanner Reader plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 Patchstack Alliance in WordPress Plugin Qr Code and Barcode Scanner Reader versions = 1.0.0...
CVE-2024-52427
CVE-2024-52427 affects WordPress Plugin Event Tickets with Ticket Scanner (
WordPress Cookie Scanner plugin <= 1.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Cookie Scanner versions = 1.1...