Lucene search
K

6 matches found

Patchstack
Patchstack
added 2025/05/12 1:24 p.m.8 views

WordPress SMS Alert Order Notifications – WooCommerce plugin <= 3.8.1 - Authenticated (Subscriber+) Privilege Escalation via handleWpLoginCreateUserAction Function vulnerability

Authenticated Subscriber+ Privilege Escalation via handleWpLoginCreateUserAction Function vulnerability discovered by wesley wcraft in WordPress Plugin SMS Alert Order Notifications versions = 3.8.1...

8.8CVSS8.4AI score0.00387EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/12 12:19 p.m.17 views

CVE-2025-3876

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to insufficient user OTP validation in the handleWpLoginCreateUserAction function in all versions up to, and including, 3.8.1. This makes it possible for authenticated attackers, with...

8.8CVSS6.7AI score0.00387EPSS
Exploits0References1
NVD
NVD
added 2025/05/10 12:15 p.m.18 views

CVE-2025-3876

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to insufficient user OTP validation in the handleWpLoginCreateUserAction function in all versions up to, and including, 3.8.1. This makes it possible for authenticated attackers, with...

8.8CVSS0.00387EPSS
Exploits0References5
Circl
Circl
added 2025/05/10 11:26 a.m.26 views

CVE-2025-3876

creationtimestamp| type| source ---|---|--- 2025-05-10 11:26:51+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15890 2025-05-10 13:01:53+00:00| seen| https://bsky.app/profile/FunctionalProgramming.activitypub.awakari.com.ap.brid.gy/post/3losugcc7esc2 2025-05-10...

8.8CVSS8.7AI score0.00387EPSS
Exploits0References4
CVE
CVE
added 2025/05/10 11:22 a.m.73 views

CVE-2025-3876

CVE-2025-3876 affects SMS Alert Order Notifications – WooCommerce (WordPress). The vulnerability is a Privilege Escalation due to insufficient OTP validation in handleWpLoginCreateUserAction(), affecting all versions up to 3.8.1. Authenticated users with Subscriber+ access can impersonate other a...

8.8CVSS8.6AI score0.00387EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2025/05/10 11:22 a.m.32 views

CVE-2025-3876 SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Subscriber+) Privilege Escalation via handleWpLoginCreateUserAction Function

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to insufficient user OTP validation in the handleWpLoginCreateUserAction function in all versions up to, and including, 3.8.1. This makes it possible for authenticated attackers, with...

8.8CVSS0.00387EPSS
Exploits0References5
Rows per page
Query Builder