CVE-2026-6395

The Word 2 Cash plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Stored Cross-Site Scripting in versions up to and including 0.9.2. This is due to the complete absence of nonce verification on the settings save handler in the w2cadmin function, combined with missing inp...

WordPress plugin Word 2 Cash 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress Word 2 Cash plugin <= 0.9.2 - Cross-Site Request Forgeryto Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgeryto Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Word 2 Cash versions = 0.9.2...

How Fintech APIs Are Modernizing Business Cash Flow Management

Business cash flow is often harder to manage than revenue. A company can have strong sales and still…...

WordPress Checkout with Cash App on WooCommerce plugin <= 6.0.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Checkout with Cash App on WooCommerce versions = 6.0.2...

Malicious code in @cash-web/no-hardcoded-font-styles (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de4c59cdf3bb5203f5c7721d9180aa09a481a9dd1a6f6aaaf9ca43db40f07287 The package @cash-web/no-hardcoded-font-styles was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2580 Malicious code in @cash-web/no-hardcoded-font-styles (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de4c59cdf3bb5203f5c7721d9180aa09a481a9dd1a6f6aaaf9ca43db40f07287 The package @cash-web/no-hardcoded-font-styles was found to contain malicious code. Source: ghsa-malware...

Automatic Teller Machines for Offline E-Cash

Electronic cash e-cash is a digital alternative to physical currency that allows anonymous transactions between users and merchants. Typically, coins in an e-cash scheme are only dispensed through a central bank. A drawback of this approach is that the bank is always on the critical path during...

ESC/POS Printer Command Injector

This module exploits an unauthenticated ESC/POS command vulnerability in networked Epson-compatible printers. You can print a custom message, trigger the attached cash drawer, or cut the paper. Module Options msf use auxiliary/admin/printer/escpostcpcommandinjector msf...

FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025

The U.S. Federal Bureau of Investigation FBI has warned of an increase in ATM jackpotting incidents across the country, leading to losses of more than $20 million in 2025. The agency said 1,900 ATM jackpotting incidents have been reported since 2020, out of which 700 took place last year. In...

GLORY RBG-100 安全漏洞

GLORY RBG-100 is a cash recycling machine from the British company GLORY. There is a security vulnerability in GLORY RBG-100; this vulnerability stems from the ISPK-08 software component containing hard-coded operating system credentials, which may allow unauthorized remote access and complete...

GLORY RBG-100 安全漏洞

GLORY RBG-100 is a cash recycling machine from the British company GLORY. The Glory RBG-100 recycling system has a security vulnerability. This vulnerability stems from the ISPK-08 software component, which contains system binary files with excessive permissions, potentially leading to local...

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization called Black Axe. As part of an operation conducted by the Spanish National Police, in coordination with the Bavarian State Criminal Police Office and Europol, 28...

CVE-2023-31293

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system user's web browser, allowing the journal to be displayed, despite the option...

CVE-2023-31298

Cross Site Scripting XSS vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user...

CVE-2023-31294

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the Delivery Name field...

CVE-2021-2227

Vulnerability in the Oracle Cash Management product of Oracle E-Business Suite component: Bank Account Transfer. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Cash Managemen...

EUVD-2025-204245

Missing Authorization vulnerability in The African Boss Get Cash get-cash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Get Cash: from n/a through = 3.2.3...

CVE-2025-49041

Missing Authorization vulnerability in The African Boss Get Cash get-cash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Get Cash: from n/a through = 3.2.3...

CVE-2025-49041 WordPress Get Cash plugin <= 3.2.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in The African Boss Get Cash get-cash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Get Cash: from n/a through = 3.2.3...