WordPress Vitepos plugin <= 3.3.0 - Authenticated (Subscriber+) Arbitrary File Upload to Remote Code Execution vulnerability

Authenticated Subscriber+ Arbitrary File Upload to Remote Code Execution vulnerability discovered by Moose Love - Nagasaki Prefectural University in WordPress Plugin Vitepos versions = 3.3.0...

WordPress plugin Vitepos 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2025-22277 WordPress Vitepos plugin <= 3.1.4 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos vitepos-lite allows Authentication Abuse.This issue affects Vitepos: from n/a through = 3.1.4...

CVE-2025-22277

CVE-2025-22277 affects the Vitepos POS plugin for WooCommerce (appsbd). The connected data confirms a Missing Authorization flaw that enables authentication bypass/abuse via an alternate path or channel, affecting Vitepos versions up to 3.1.4. The record notes a patch has been applied (Patch Stat...

WordPress Vitepos plugin <= 3.1.4 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Phat RiO - Fore-Z co.ltd in WordPress Plugin Vitepos versions = 3.1.4...

CVE-2025-26750 WordPress Vitepos Plugin <= 3.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in appsbd Vitepos vitepos-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Vitepos: from n/a through = 3.1.3...

WordPress plugin Vitepos 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Vitepos Plugin <= 3.1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - Fore-Z co.ltd in WordPress Plugin Vitepos versions = 3.1.3...

CVE-2024-33574 WordPress Vitepos plugin <= 3.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in appsbd Vitepos.This issue affects Vitepos: from n/a through 3.0.1...

WordPress Vitepos plugin <= 3.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Vitepos versions = 3.0.1...

WordPress Vitepos Plugin <= 3.0.1 is vulnerable to Broken Access Control

Software Vitepos Type Plugin Vulnerable versions = 3.0.1 Fixed in 3.0.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33574 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 328a27247429 Credits Abdi Pranata Required privilege...