CVE-2025-49950

Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows Privilege Escalation.This issue affects Official Integration for Billingo: from n/a through = 4.3.0...

EUVD-2025-35511

Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows Privilege Escalation.This issue affects Official Integration for Billingo: from n/a through = 4.2.5...

CVE-2025-49950

Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows Privilege Escalation.This issue affects Official Integration for Billingo: from n/a through = 4.3.0...

CVE-2025-49950 WordPress Official Integration for Billingo plugin <= 4.3.0 - Privilege Escalation vulnerability

Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows Privilege Escalation.This issue affects Official Integration for Billingo: from n/a through = 4.3.0...

CVE-2025-49950 WordPress Official Integration for Billingo plugin <= 4.3.0 - Privilege Escalation vulnerability

Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows Privilege Escalation.This issue affects Official Integration for Billingo: from n/a through = 4.3.0...

CVE-2025-49950

CVE-2025-49950 affects the WordPress Official Integration for Billingo plugin. A missing authorization flaw enables privilege escalation in Official Integration for Billingo, affecting versions up to 4.2.5 (and related advisories reference stronger versions). Documented impact: privilege escalati...

PT-2025-43211

Name of the Vulnerable Software and Affected Versions billingo Official Integration for Billingo versions through 4.2.5 Description A missing authorization flaw exists in billingo Official Integration for Billingo. This issue allows for privilege escalation. Recommendations Update billingo Offici...

WordPress plugin Official Integration for Billingo 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

EUVD-2022-42578

Malicious code in bioql PyPI...

EUVD-2022-42797

Malicious code in bioql PyPI...

WordPress Official Integration for Billingo plugin <= 4.2.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin Official Integration for Billingo versions = 4.2.9...

CVE-2022-3420

The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...

CVE-2022-3154

The Woo Billingo Plus WordPress plugin before 4.4.5.4, Integration for Billingo & Gravity Forms WordPress plugin before 1.0.4, Integration for Szamlazz.hu & Gravity Forms WordPress plugin before 1.2.7 are lacking CSRF checks in various AJAX actions, which could allow attackers to make logged in...

CVE-2022-3420

The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...

Cross site scripting

The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...

WordPress plugin Official Integration for Billingo 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

CVE-2022-3420 Official Integration for Billingo < 3.4.0 - ShopManager+ Stored XSS

The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...

CVE-2022-3420

The CVE-2022-3420 entry describes a Stored XSS vulnerability in the WordPress plugin “Official Integration for Billingo” prior to version 3.4.0. The root cause is failure to sanitize and escape certain plugin settings, which could allow a high-privilege user (as low as Shop Manager) to inject mal...

PT-2022-22069 · WordPress · Billingo Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Official Integration for Billingo WordPress plugin versions prior to 3.4.0 Description: The issue allows high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks due to the plugin not sanitisi...

CVE-2022-3420 Official Integration for Billingo < 3.4.0 - ShopManager+ Stored XSS

The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...