Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 7:22 a.m.14 views

CVE-2025-14270

The OneClick Chat to Order plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.0.9. This is due to the plugin not properly verifying that a user is authorized to perform an action in the waordernumbersavenumberfield function. This makes it possible for...

2.7CVSS5.5AI score0.00314EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 7:17 a.m.4 views

CVE-2025-14270

The OneClick Chat to Order plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.0.9. This is due to the plugin not properly verifying that a user is authorized to perform an action in the waordernumbersavenumberfield function. This makes it possible for...

2.7CVSS0.00314EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/02/19 4:36 a.m.3 views

CVE-2025-14270 OneClick Chat to Order <= 1.0.9 - Missing Authorization to Authenticated (Editor+) Plugin Settings Update

The OneClick Chat to Order plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.0.9. This is due to the plugin not properly verifying that a user is authorized to perform an action in the waordernumbersavenumberfield function. This makes it possible for...

2.7CVSS5.3AI score0.00314EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/02/19 4:36 a.m.28 views

CVE-2025-14270 OneClick Chat to Order <= 1.0.9 - Missing Authorization to Authenticated (Editor+) Plugin Settings Update

The OneClick Chat to Order plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.0.9. This is due to the plugin not properly verifying that a user is authorized to perform an action in the waordernumbersavenumberfield function. This makes it possible for...

2.7CVSS0.00314EPSS
Exploits0References7
CVE
CVE
added 2026/02/19 4:36 a.m.11 views

CVE-2025-14270

CVE-2025-14270 (OneClick Chat to Order, WordPress) The WordPress plugin is vulnerable to an authorization bypass in versions

2.7CVSS5.5AI score0.00314EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.8 views

PT-2026-20613

The OneClick Chat to Order plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.0.9. This is due to the plugin not properly verifying that a user is authorized to perform an action in the wa order number save number field function. This makes it possible...

2.7CVSS5.5AI score0.00314EPSS
Exploits0References7
Rows per page
Query Builder