15 matches found
EUVD-2025-21952
Malicious code in bioql PyPI...
EUVD-2025-21951
Malicious code in bioql PyPI...
CVE-2025-6721
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the mrkvvchasnokasawcdometaboxaction function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to generate invoices for arbitrar...
WordPress Vchasno Kasa plugin <= 1.0.3 - Missing Authorization to Unauthenticated Invoice Generation vulnerability
Missing Authorization to Unauthenticated Invoice Generation vulnerability discovered by Poli in WordPress Plugin Vchasno Kasa versions = 1.0.3...
WordPress Vchasno Kasa plugin <= 1.0.3 - Unauthenticated Log File Clearing vulnerability
Unauthenticated Log File Clearing vulnerability discovered by Poli in WordPress Plugin Vchasno Kasa versions = 1.0.3...
CVE-2025-6720
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearalllog function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to clear log files...
CVE-2025-6720 Vchasno Kasa <= 1.0.3 - Unauthenticated Log File Clearing
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearalllog function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to clear log files...
CVE-2025-6720 Vchasno Kasa <= 1.0.3 - Unauthenticated Log File Clearing
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearalllog function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to clear log files...
CVE-2025-6721 Vchasno Kasa <= 1.0.3 - Missing Authorization to Unauthenticated Invoice Generation
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the mrkvvchasnokasawcdometaboxaction function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to generate invoices for arbitrar...
CVE-2025-6721 Vchasno Kasa <= 1.0.3 - Missing Authorization to Unauthenticated Invoice Generation
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the mrkvvchasnokasawcdometaboxaction function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to generate invoices for arbitrar...
CVE-2025-6721
The CVE-2025-6721 affects the Vchasno Kasa WordPress plugin (MORKVA Vchasno Kasa Integration) up to version 1.0.3. Root cause: missing capability check in the mrkv_vchasno_kasa_wc_do_metabox_action() function, enabling unauthenticated users to generate invoices for arbitrary orders. This is an un...
PT-2025-30118 · WordPress · Vchasno Kasa
Name of the Vulnerable Software and Affected Versions: Vchasno Kasa plugin for WordPress versions up to and including 1.0.3 Description: The Vchasno Kasa plugin for WordPress is susceptible to unauthorized data access due to a missing capability check within the mrkv vchasno kasa wc do metabox...
WordPress plugin Vchasno Kasa 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...
PT-2025-30117 · WordPress · Vchasno Kasa
Name of the Vulnerable Software and Affected Versions: Vchasno Kasa plugin for WordPress versions up to and including 1.0.3 Description: The Vchasno Kasa plugin for WordPress is susceptible to unauthorized data loss. This is due to a missing capability check within the clear all log function,...
WordPress plugin Vchasno Kasa 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...