CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Cvelist•added 2025/10/22 2:32 p.m.•9 views

CVE-2025-49950 WordPress Official Integration for Billingo plugin <= 4.3.0 - Privilege Escalation vulnerability

Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows Privilege Escalation.This issue affects Official Integration for Billingo: from n/a through = 4.3.0...

7.2CVSS0.0002EPSS

Exploits0References1

Vulnrichment•added 2025/10/22 2:32 p.m.•1 views

CVE-2025-49950 WordPress Official Integration for Billingo plugin <= 4.3.0 - Privilege Escalation vulnerability

7.2CVSS5.2AI score0.0002EPSS

Exploits0References1

CVE•added 2025/10/22 2:32 p.m.•8 views

CVE-2025-49950

CVE-2025-49950 affects the WordPress Official Integration for Billingo plugin. A missing authorization flaw enables privilege escalation in Official Integration for Billingo, affecting versions up to 4.2.5 (and related advisories reference stronger versions). Documented impact: privilege escalati...

7.2CVSS5.9AI score0.0002EPSS

Exploits0References1

CNNVD•added 2025/10/22 12:0 a.m.•1 views

WordPress plugin Official Integration for Billingo 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

7.2CVSS6.7AI score0.0002EPSS

Exploits0References1

Patchstack•added 2025/07/10 7:24 a.m.•3 views

WordPress Official Integration for Billingo plugin <= 4.2.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin Official Integration for Billingo versions = 4.2.9...

7.3CVSS7AI score0.0002EPSS

Exploits0Affected Software1

OSV•added 2022/10/31 4:15 p.m.•1 views

CVE-2022-3420

The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...

4.8CVSS5.8AI score

Exploits0References1

Positive Technologies•added 2022/10/31 12:0 a.m.•1 views

PT-2022-22069 · WordPress · Billingo Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Official Integration for Billingo WordPress plugin versions prior to 3.4.0 Description: The issue allows high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks due to the plugin not sanitisi...

4.8CVSS4.7AI score0.00218EPSS

Exploits2References4

Vulnrichment•added 2022/10/31 12:0 a.m.•5 views

CVE-2022-3420 Official Integration for Billingo < 3.4.0 - ShopManager+ Stored XSS

5.8AI score0.00218EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by