2 matches found
CVE-2025-4105 Splitit <= 4.2.8 - Missing Authorization to Multiple Administrative Actions
The Splitit plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on several functions in the 'splitIt-flexfields-payment-gateway.php' file in all versions up to, and including, 4.2.8. This makes it possible for authenticated attackers, with...
WordPress Splitit plugin <= 4.2.8 - Missing Authorization to Multiple Administrative Actions vulnerability
Missing Authorization to Multiple Administrative Actions vulnerability discovered by Sushi Com Abacate in WordPress Plugin Splitit versions = 4.2.8...