CVE-2026-52711

CVE-2026-52711 affects the WordPress WooCommerce POS plugin, version

CVE-2026-6072

The Oliver POS plugin for WordPress (WooCommerce integration) is affected up to version 2.4.2.6 by an Authorization Bypass in the /wp-json/pos-bridge/* API. The issue arises from a loose PHP comparison in oliver_pos_rest_authentication() that compares the attacker-supplied OliverAuth header to th...

CVE-2024-2384

The WooCommerce POS plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.4.11. This is due to the plugin not properly verifying the authentication and authorization of the current user This makes it possible for authenticated attackers, with...

EUVD-2025-15523

Malicious code in bioql PyPI...

CVE-2025-48117

Missing Authorization vulnerability in kilbot WooCommerce POS woocommerce-pos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce POS: from n/a through = 1.7.8...

CVE-2025-48117

Missing Authorization vulnerability in kilbot WooCommerce POS woocommerce-pos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce POS: from n/a through = 1.7.8...

CVE-2025-48117

CVE-2025-48117 refers to a Missing Authorization (Broken Access Control) vulnerability in the WordPress WooCommerce POS plugin (Kilbot WooCommerce POS), affecting versions up to and including 1.7.8. The CVSS 3.1 vector indicates network access with low attack complexity, no user interaction, and ...

CVE-2025-48117 WordPress WooCommerce POS plugin <= 1.7.8 - Broken Access Control Vulnerability

Missing Authorization vulnerability in kilbot WooCommerce POS woocommerce-pos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce POS: from n/a through = 1.7.8...

CVE-2025-48117 WordPress WooCommerce POS plugin <= 1.7.8 - Broken Access Control Vulnerability

Missing Authorization vulnerability in kilbot WooCommerce POS woocommerce-pos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce POS: from n/a through = 1.7.8...

WordPress WooCommerce POS plugin <= 1.7.8 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Marek Mikita in WordPress Plugin WooCommerce POS versions = 1.7.8...

WordPress plugin WooCommerce POS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-21723 · Woocommerce · Kilbot Woocommerce Pos

Name of the Vulnerable Software and Affected Versions: kilbot WooCommerce POS versions 1.7.8 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For kilbot WooCommer...

CVE-2024-2384

The WooCommerce POS plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.4.11. This is due to the plugin not properly verifying the authentication and authorization of the current user This makes it possible for authenticated attackers, with...

WordPress WooCommerce POS Plugin <= 1.4.11 is vulnerable to Sensitive Data Exposure

Software WooCommerce POS Type Plugin Vulnerable versions = 1.4.11 Fixed in 1.4.12 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-2384 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3a9aafe43482 Credits Lucio Sá Required...