Leyka < 3.31.2 - Missing Authorization

Description The Leyka plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the sendCardCheck function in versions up to, and including, 3.31.1. This makes it possible for unauthenticated attackers to perform a card check...

Card Check - BSD license, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Card Check published at the 'play' market has multiple vulnerabilities...