651 matches found
Advisory ROSA-SA-2026-3304
Software: mupdf 1.26.10 Operating System: ROSA-CHROME Unaffected versions: = mupdf-1.26.10-2 Affected versions: mupdf-1.26.10-2 CVE-ID: CVE-2026-25556 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: A vulnerability related to double-freeing memory exists in MuPDF versions from 1.23.0 to 1.27.0. This...
GHSA-F946-9QP6-VGCH shopper/framework: Authorization bypass in multiple Livewire admin components
Impact Multiple Livewire components in the admin panel allowed an authenticated low-privilege user to mutate data without the required permission: - Order detail Filament actions cancel, mark paid, mark complete, capture payment, archive, start processing were callable with readorders only and di...
CVE-2026-42645
Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Cross Site Request Forgery.This issue affects Barcode Scanner with Inventory & Order Manager: fro...
CVE-2026-32834 Easy PayPal Events & Tickets < 1.4 Authentication Bypass via QR Code Scanning
Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated remote attackers to bypass hash verification by supplying 'test' as the hash parameter. Attackers can...
CVE-2026-42645
Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Cross Site Request Forgery.This issue affects Barcode Scanner with Inventory & Order Manager: fro...
CVE-2026-42645 WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.11.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Cross Site Request Forgery.This issue affects Barcode Scanner with Inventory & Order Manager: fro...
CVE-2026-42645 WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.11.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Cross Site Request Forgery.This issue affects Barcode Scanner with Inventory & Order Manager: fro...
CVE-2026-42645
CVE-2026-42645 affects the WordPress plugin Barcode Scanner with Inventory & Order Manager (component: barcode-scanner-lite-pos-to-manage-products-inventory-and-orders) for versions up to 1.11.0 . The issue is a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to trigg...
EUVD-2026-26216
Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Cross Site Request Forgery.This issue affects Barcode Scanner with Inventory & Order Manager: fro...
CVE-2026-42645
Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Cross Site Request Forgery.This issue affects Barcode Scanner with Inventory & Order Manager: fro...
WordPress Plugin Barcode Scanner with Inventory & Order Manager 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-35904
Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Cross Site Request Forgery.This issue affects Barcode Scanner with Inventory & Order Manager: fro...
[SECURITY] Fedora 44 Update: kf6-prison-6.25.0-1.fc44
Prison is a Qt-based barcode abstraction layer/library that provides an uniform access to generation of barcodes with data...
WordPress Barcode Scanner (+Mobile App) plugin <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication vulnerability
Unauthenticated Privilege Escalation via Insecure Token Authentication vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Barcode Scanner with Inventory & Order Manager versions = 1.11.0...
EUVD-2026-23136
The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...
CVE-2026-4880
The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...
WordPress plugin Barcode Scanner 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CVE-2026-4880 Barcode Scanner (+Mobile App) <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication
The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...
CVE-2026-4880 Barcode Scanner (+Mobile App) <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication
The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...
CVE-2026-4880
The CVE concerns the WordPress plugin Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS, affected up to version 1.11.0. The root cause is insecure token-based authentication where the plugin trusts a user-supplied Base64-encoded user ID in the token parameter to ide...