Lucene search
K

22 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 5:4 p.m.3 views

CVE-2026-25401

Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through = 8.0.2...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 5:16 p.m.10 views

CVE-2026-25401

Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through = 8.0.2...

7.5CVSS0.00278EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.1 views

CVE-2026-25401 WordPress WPCargo Track & Trace plugin <= 8.0.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through = 8.0.2...

7.5CVSS5.9AI score0.00278EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/31 2:7 p.m.5 views

WordPress WPCargo Track & Trace plugin <= 8.0.2 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by hunter85 in WordPress Plugin WPCargo Track & Trace versions = 8.0.2...

4.3CVSS7AI score0.00233EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.4 views

PT-2024-36152 · Unknown · Wpcargo Track & Trace

Name of the Vulnerable Software and Affected Versions: WPCargo Track & Trace versions 7.0.6 and earlier Description: The issue is related to a Missing Authorization vulnerability in WPCargo Track & Trace, which allows exploitation of incorrectly configured access control security levels...

5.4CVSS6.9AI score0.00476EPSS
Exploits0References3
OSV
OSV
added 2024/09/17 11:15 p.m.1 views

CVE-2024-44004

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPTaskForce WPCargo Track & Trace allows SQL Injection.This issue affects WPCargo Track & Trace: from n/a through 7.0.6...

9.8CVSS5.8AI score0.00462EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/09/16 5:43 a.m.4 views

WordPress WPCargo Track & Trace plugin <= 8.0.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin WPCargo Track & Trace versions = 8.0.2...

9.8CVSS8.1AI score0.00462EPSS
Exploits0Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2023/11/30 12:0 a.m.3 views

VulnCheck KEV: CVE-2021-25003

The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE...

9.8CVSS7.3AI score0.56148EPSS
Exploits3References1
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.4 views

SICK ICR890-4 安全漏洞

The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from improper access control...

8.2CVSS7.3AI score0.00672EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.4 views

SICK ICR890-4 安全漏洞

The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from the disclosure of sensitive information...

7.5CVSS7.3AI score0.00687EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.5 views

SICK ICR890-4 安全漏洞

The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from the disclosure of sensitive information...

8.6CVSS7.3AI score0.00718EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.4 views

SICK ICR890-4 安全漏洞

The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from an improper limitation of too many authentication attempts...

7.5CVSS7.3AI score0.00651EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.4 views

SICK ICR890-4 安全漏洞

The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from improper access control...

7.5CVSS7.3AI score0.0078EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.4 views

SICK ICR890-4 安全漏洞

The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from an observable response discrepancy when attempting to log into an FTP server...

5.3CVSS5.7AI score0.00574EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.5 views

SICK ICR890-4 安全漏洞

The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from the disclosure of sensitive information...

5.3CVSS5.1AI score0.00175EPSS
Exploits0References4
OSV
OSV
added 2022/06/20 8:25 p.m.12 views

MAL-2022-1204 Malicious code in aws-track-and-trace (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d989d00b9eaf887318066983a92806b286fb32f6a58adf315ab01e8bebed6902 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/16 3:15 p.m.6 views

CVE-2022-1436

The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitise and escape the wpcargotrackingnumber parameter before outputting it back in the page, which could allow attackers to perform reflected Cross-Site Scripting attacks...

6.1CVSS6.3AI score0.00757EPSS
Exploits1References2
OSV
OSV
added 2022/05/16 3:15 p.m.3 views

CVE-2022-1435

The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitize and escapes some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS5.8AI score0.00565EPSS
Exploits1References1
OSV
OSV
added 2022/05/16 3:15 p.m.3 views

CVE-2022-1436

The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitise and escape the wpcargotrackingnumber parameter before outputting it back in the page, which could allow attackers to perform reflected Cross-Site Scripting attacks...

6.1CVSS6.4AI score0.00757EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/05/16 3:15 p.m.7 views

CVE-2022-1435

The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitize and escapes some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS5.5AI score0.00565EPSS
Exploits1References2
Rows per page
Query Builder