Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/04/28 6:15 a.m.16 views

CVE-2025-3906

The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wepopcoes' function in all versions up to, and including, 1.7.5. This makes it possible for authenticated attackers, with Subscriber-level...

8.8CVSS6.5AI score0.00387EPSS
Exploits0References1
Circl
Circl
added 2025/04/26 6:8 a.m.8 views

CVE-2025-3906

creationtimestamp| type| source ---|---|--- 2025-04-26 06:08:47+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13568 2025-04-26 06:12:56+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnp3el4dbza2 2025-04-26 07:48:22+00:00| seen|...

8.8CVSS8.7AI score0.00387EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/04/26 5:34 a.m.10 views

CVE-2025-3906 Integração entre Eduzz e Woocommerce 1.5.0 - 1.7.5 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation

The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wepopcoes' function in all versions up to, and including, 1.7.5. This makes it possible for authenticated attackers, with Subscriber-level...

8.8CVSS8.3AI score0.00387EPSS
Exploits0References4
CVE
CVE
added 2025/04/26 5:34 a.m.79 views

CVE-2025-3906

CVE-2025-3906 (Integração entre Eduzz e Woocommerce, WordPress) describes a Missing Authorization vulnerability across all versions up to 1.7.5. The issue arises from a missing capability check in the wep_opcoes function, enabling authenticated attackers with Subscriber+ privileges to modify data...

8.8CVSS8.4AI score0.00387EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/04/25 9:14 p.m.10 views

WordPress Integração entre Eduzz e Woocommerce plugin 1.5.0-1.7.5 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation vulnerability

Missing Authorization to Authenticated Subscriber+ Privilege Escalation vulnerability discovered by kr0d in WordPress Plugin Integração entre Eduzz e Woocommerce versions 1.5.0-1.7.5...

8.8CVSS8.3AI score0.00387EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder