Lucene search
K

661 matches found

Fedora
Fedora
added 2026/04/16 11:42 p.m.10 views

[SECURITY] Fedora 44 Update: kf6-prison-6.25.0-1.fc44

Prison is a Qt-based barcode abstraction layer/library that provides an uniform access to generation of barcodes with data...

5.8AI score
Exploits0
Patchstack
Patchstack
added 2026/04/16 9:5 a.m.9 views

WordPress Barcode Scanner (+Mobile App) plugin <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication vulnerability

Unauthenticated Privilege Escalation via Insecure Token Authentication vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Barcode Scanner with Inventory & Order Manager versions = 1.11.0...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/04/16 12:54 a.m.4 views

EUVD-2026-23136

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References4
NVD
NVD
added 2026/04/16 12:16 a.m.7 views

CVE-2026-4880

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

9.8CVSS0.00503EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.10 views

WordPress plugin Barcode Scanner 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References1
CVE
CVE
added 2026/04/15 11:25 p.m.10 views

CVE-2026-4880

The CVE concerns the WordPress plugin Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS, affected up to version 1.11.0. The root cause is insecure token-based authentication where the plugin trusts a user-supplied Base64-encoded user ID in the token parameter to ide...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/15 11:25 p.m.3 views

CVE-2026-4880 Barcode Scanner (+Mobile App) <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/15 11:25 p.m.11 views

CVE-2026-4880

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/15 11:25 p.m.38 views

CVE-2026-4880 Barcode Scanner (+Mobile App) <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

9.8CVSS0.00503EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.6 views

PT-2026-33185

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/14 1:28 a.m.5 views

CVE-2025-70094

A cross-site scripting XSS vulnerability in the Generate Item Barcode function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Item Category parameter...

6.5CVSS5.5AI score0.00162EPSS
Exploits1References1
NVD
NVD
added 2026/02/13 4:16 p.m.4 views

CVE-2025-70094

A cross-site scripting XSS vulnerability in the Generate Item Barcode function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Item Category parameter...

6.5CVSS0.00162EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/13 12:0 a.m.28 views

CVE-2025-70094

A cross-site scripting XSS vulnerability in the Generate Item Barcode function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Item Category parameter...

0.00162EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/13 12:0 a.m.4 views

CVE-2025-70094

A cross-site scripting XSS vulnerability in the Generate Item Barcode function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Item Category parameter...

5.5AI score0.00162EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.6 views

opensourcepos 安全漏洞

OpenSourcePOS is an open-source point-of-sale system. Version 3.4.1 of OpenSourcePOS contains a security vulnerability. This vulnerability stems from insufficient input validation for the Item Category parameter in the Generate Item Barcode function, which may lead to cross-site scripting attacks...

6.5CVSS5.6AI score0.00162EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/13 12:0 a.m.1 views

CVE-2025-70094

A cross-site scripting XSS vulnerability in the Generate Item Barcode function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Item Category parameter...

5.5AI score0.00162EPSS
Exploits1References4
CVE
CVE
added 2026/02/13 12:0 a.m.16 views

CVE-2025-70094

CVE-2025-70094 describes an XSS flaw in the OpenSourcePOS 3.4.1 Generate Item Barcode function. The vulnerability allows an attacker to inject crafted payloads into the Item Category parameter, enabling execution of arbitrary web scripts/HTML in the victim’s browser. The issue affects the Generat...

6.5CVSS5.5AI score0.00162EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/13 12:0 a.m.11 views

PT-2026-7996

A cross-site scripting XSS vulnerability in the Generate Item Barcode function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Item Category parameter...

6.5CVSS5.5AI score0.00162EPSS
Exploits1References4
OSV
OSV
added 2026/02/13 12:0 a.m.6 views

CVE-2025-70094

A cross-site scripting XSS vulnerability in the Generate Item Barcode function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Item Category parameter...

6.5CVSS5.6AI score0.00162EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.6 views

PT-2026-7889

Name of the Vulnerable Software and Affected Versions Monkeybread Software MBS DynaPDF Plugin version 21.3.1.1 Description A stack overflow exists in the ZBarcode Encode function. This issue allows attackers to cause a Denial of Service DoS by providing a crafted input. Recommendations Update to ...

7.5CVSS5.5AI score0.00321EPSS
Exploits0References5
Rows per page
Query Builder