CVE-2025-68596 WordPress Bit Assist plugin <= 1.5.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bit Apps Bit Assist bit-assist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bit Assist: from n/a through = 1.5.11...

WordPress Bit Assist plugin <= 1.5.2 - Path Traversal to Authenticated (Administrator+) Arbitrary File Read via downloadResponseFile Function vulnerability

Path Traversal to Authenticated Administrator+ Arbitrary File Read via downloadResponseFile Function vulnerability discovered by koffee in WordPress Plugin Bit Assist versions = 1.5.2...

WordPress Bit Assist plugin <= 1.5.2 - Authenticated (Subscriber+) SQL Injection via id Parameter vulnerability

Authenticated Subscriber+ SQL Injection via id Parameter vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Bit Assist versions = 1.5.2...

WordPress Bit Assist Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)

Software Bit Assist Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51371 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e6a54b9372e2 Credits emad Required privilege Administrator Publish...

WordPress Bit Assist Plugin < 1.2 is vulnerable to Cross Site Scripting (XSS)

Software Bit Assist Type Plugin Vulnerable versions 1.2 Fixed in 1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 6fe902b57878 Credits Unknown Required privilege Administrator...

WordPress Bit Assist Plugin < 1.1.9 is vulnerable to Cross Site Scripting (XSS)

Software Bit Assist Type Plugin Vulnerable versions 1.1.9 Fixed in 1.1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3667 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1c9556717c81 Credits Dipak Panchal th3.d1pak Require...