5 matches found
CVE-2025-3906
The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wepopcoes' function in all versions up to, and including, 1.7.5. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-3906
creationtimestamp| type| source ---|---|--- 2025-04-26 06:08:47+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13568 2025-04-26 06:12:56+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnp3el4dbza2 2025-04-26 07:48:22+00:00| seen|...
CVE-2025-3906 Integração entre Eduzz e Woocommerce 1.5.0 - 1.7.5 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wepopcoes' function in all versions up to, and including, 1.7.5. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-3906
CVE-2025-3906 (Integração entre Eduzz e Woocommerce, WordPress) describes a Missing Authorization vulnerability across all versions up to 1.7.5. The issue arises from a missing capability check in the wep_opcoes function, enabling authenticated attackers with Subscriber+ privileges to modify data...
WordPress Integração entre Eduzz e Woocommerce plugin 1.5.0-1.7.5 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation vulnerability
Missing Authorization to Authenticated Subscriber+ Privilege Escalation vulnerability discovered by kr0d in WordPress Plugin Integração entre Eduzz e Woocommerce versions 1.5.0-1.7.5...