18 matches found
EUVD-2025-20002
Malicious code in bioql PyPI...
EUVD-2025-22299
Malicious code in bioql PyPI...
WordPress bSecure plugin elevation of privilege vulnerability
WordPress bSecure plugin is a plugin used to enhance the security of the website, mainly for the payment page of GiveWP to provide security features. An elevation of privilege vulnerability exists in the WordPress bSecure plugin, which stems from a lack of authorization in the order_info REST...
CVE-2025-6187
The bSecure plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within its order_info REST endpoint in versions 1.3.7 through 1.7.9. The plugin registers the /webhook/v2/order_info/ route with a permission_callback that always returns true, effectively bypassing a...
CVE-2025-6187
The bSecure plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within its order_info REST endpoint in versions 1.3.7 through 1.7.9. The plugin registers the /webhook/v2/order_info/ route with a permission_callback that always returns true, effectively bypassing a...
CVE-2025-6187
The WordPress bSecure plugin (versions 1.3.7–1.7.9) contains a privilege-escalation flaw in the order_info REST endpoint. The plugin registers the route /webhook/v2/order_info/ with a permission_callback that always returns true, effectively bypassing authentication. This lets unauthenticated a...
CVE-2025-6187 bSecure 1.3.7 - 1.7.9 - Missing Authorization to Unauthenticated Privilege Escalation via order_info REST Endpoint
The bSecure plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within its order_info REST endpoint in versions 1.3.7 through 1.7.9. The plugin registers the /webhook/v2/order_info/ route with a permission_callback that always returns true, effectively bypassing a...
WordPress plugin bSecure security vulnerability
WordPress bSecure plugin is a plugin used to enhance the security of the website, mainly for the payment page of GiveWP to provide security features. An elevation of privilege vulnerability exists in the WordPress bSecure plugin, which stems from a lack of authorization in the order_info REST...
PT-2025-30386 · WordPress · Bsecure
Name of the Vulnerable Software and Affected Versions: bSecure plugin for WordPress versions 1.3.7 through 1.7.9. Description: The plugin is susceptible to privilege escalation due to a missing authorization check within the order info REST endpoint. The /webhook/v2/order_info/ route’s permission...
CVE-2025-52830
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BSecure - Your Universal Checkout bSecure - Your Universal Checkout bsecure allows Blind SQL Injection. This issue affects bSecure - Your Universal Checkout: from n/a through <= 1.7.9...
CVE-2025-52830
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bSecure – Your Universal Checkout bSecure – Your Universal Checkout bsecure allows Blind SQL Injection. This issue affects bSecure – Your Universal Checkout: from n/a through <= 1.7.9...
CVE-2025-52830
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bSecure – Your Universal Checkout bSecure – Your Universal Checkout bsecure allows Blind SQL Injection. This issue affects bSecure – Your Universal Checkout: from n/a through <= 1.7.9...
CVE-2025-52830 WordPress bSecure – Your Universal Checkout plugin <= 1.7.9 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bSecure – Your Universal Checkout bSecure – Your Universal Checkout bsecure allows Blind SQL Injection. This issue affects bSecure – Your Universal Checkout: from n/a through <= 1.7.9...
CVE-2025-52830 WordPress bSecure – Your Universal Checkout <= 1.7.9 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bsecuretech bSecure Your Universal Checkout allows Blind SQL Injection. This issue affects bSecure Your Universal Checkout: from n/a through 1.7.9...
CVE-2025-52830
CVE-2025-52830 describes an SQL injection vulnerability in the WordPress plugin “bSecure – Your Universal Checkout” (versions affected: ≤ 1.7.9). The root cause is improper neutralization of special elements in SQL commands, enabling blind SQL injection. The CVSS 3.1 base score is 9.3 (CRITICAL):...
WordPress plugin bSecure – Your Universal Checkout SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerability exist...
PT-2025-27940 · Unknown · Bsecure - Your Universal Checkout
Name of the Vulnerable Software and Affected Versions: bSecure - Your Universal Checkout versions 1.7.9 and earlier. Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, which affects the bSecure - Your Universal Checkout software. This...
bsecure.fr Cross Site Scripting vulnerability OBB-2695474
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...