3 matches found
CVE-2026-6514
The InfusedWoo Pro plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.1.2 via the popupsubmit. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to...
CVE-2026-1779
The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.2. This is due to incorrect authentication in the 'registermember' function. This makes it possible for unauthenticated attackers to log in a newly registered user ...
WordPress Rede Itaú for WooCommerce - Payment PIX, Credit Card and Debit plugin <= 5.1.2 - Unauthenticated Order Status Manipulation vulnerability
WordPress Rede Itaú for WooCommerce - Payment PIX, Credit Card and Debit plugin = 5.1.2 - Unauthenticated Order Status Manipulation vulnerability discovered by Os in WordPress Plugin Rede Itaú for WooCommerce versions = 5.1.2...