22 matches found
CVE-2026-25401
Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through = 8.0.2...
CVE-2026-25401
Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through = 8.0.2...
CVE-2026-25401 WordPress WPCargo Track & Trace plugin <= 8.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through = 8.0.2...
WordPress WPCargo Track & Trace plugin <= 8.0.2 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by hunter85 in WordPress Plugin WPCargo Track & Trace versions = 8.0.2...
PT-2024-36152 · Unknown · Wpcargo Track & Trace
Name of the Vulnerable Software and Affected Versions: WPCargo Track & Trace versions 7.0.6 and earlier Description: The issue is related to a Missing Authorization vulnerability in WPCargo Track & Trace, which allows exploitation of incorrectly configured access control security levels...
CVE-2024-44004
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPTaskForce WPCargo Track & Trace allows SQL Injection.This issue affects WPCargo Track & Trace: from n/a through 7.0.6...
WordPress WPCargo Track & Trace plugin <= 8.0.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin WPCargo Track & Trace versions = 8.0.2...
VulnCheck KEV: CVE-2021-25003
The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE...
SICK ICR890-4 安全漏洞
The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from the disclosure of sensitive information...
SICK ICR890-4 安全漏洞
The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from improper access control...
SICK ICR890-4 安全漏洞
The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from an improper limitation of too many authentication attempts...
SICK ICR890-4 安全漏洞
The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from an observable response discrepancy when attempting to log into an FTP server...
SICK ICR890-4 安全漏洞
The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from improper access control...
SICK ICR890-4 安全漏洞
The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from the disclosure of sensitive information...
SICK ICR890-4 安全漏洞
The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that stems from the disclosure of sensitive information...
MAL-2022-1204 Malicious code in aws-track-and-trace (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d989d00b9eaf887318066983a92806b286fb32f6a58adf315ab01e8bebed6902 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-1436
The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitise and escape the wpcargotrackingnumber parameter before outputting it back in the page, which could allow attackers to perform reflected Cross-Site Scripting attacks...
CVE-2022-1435
The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitize and escapes some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2022-1436
The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitise and escape the wpcargotrackingnumber parameter before outputting it back in the page, which could allow attackers to perform reflected Cross-Site Scripting attacks...
CVE-2022-1435
The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitize and escapes some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...