Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/02/12 1:43 p.m.4 views

CVE-2026-1833

The WaMate Confirm – Order Confirmation plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

5.3CVSS5.5AI score0.00285EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 9:15 a.m.9 views

CVE-2026-1833

The WaMate Confirm – Order Confirmation plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

5.3CVSS0.00285EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/02/11 8:26 a.m.5 views

CVE-2026-1833

The WaMate Confirm – Order Confirmation plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

5.3CVSS5.5AI score0.00285EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/02/11 8:26 a.m.5 views

CVE-2026-1833 WaMate Confirm <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Phone Number Blocking/Unblocking

The WaMate Confirm – Order Confirmation plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

5.3CVSS5.5AI score0.00285EPSS
Exploits0References5
CVE
CVE
added 2026/02/11 8:26 a.m.13 views

CVE-2026-1833

CVE-2026-1833 describes a vulnerability in the WordPress WaMate Confirm – Order Confirmation plugin (versions

5.3CVSS5.5AI score0.00285EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/11 8:26 a.m.25 views

CVE-2026-1833 WaMate Confirm <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Phone Number Blocking/Unblocking

The WaMate Confirm – Order Confirmation plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

5.3CVSS0.00285EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

WordPress plugin WaMate Confirm – Order Confirmation 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00285EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/02/10 11:6 p.m.8 views

WordPress WaMate Confirm plugin <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Phone Number Blocking/Unblocking vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Phone Number Blocking/Unblocking vulnerability discovered by Legion Hunter in WordPress Plugin WaMate Confirm versions = 2.0.1...

5.3CVSS5.5AI score0.00285EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder