Lucene search
K

5 matches found

redhatcve
redhatcve
added 2025/07/31 10:6 a.m.5 views

CVE-2025-6730

The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the xlooptincall function in all versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS6AI score0.00184EPSS
Exploits0References1
patchstack
patchstack
added 2025/07/29 12:36 p.m.4 views

WordPress Bonanza – WooCommerce Free Gifts Lite plugin <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Opt In Success vulnerability

Missing Authorization to Authenticated Subscriber+ Opt In Success vulnerability discovered by Poli in WordPress Plugin Bonanza – WooCommerce Free Gifts Lite versions = 1.0.0...

4.3CVSS6.7AI score0.00184EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2025/07/29 10:15 a.m.4 views

CVE-2025-6730

The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the xlooptincall function in all versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS0.00184EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/07/29 9:23 a.m.1 views

CVE-2025-6730 Bonanza – WooCommerce Free Gifts Lite <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Opt In Success

The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the xlooptincall function in all versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS6.1AI score0.00184EPSS
Exploits0References2
cvelist
cvelist
added 2025/07/29 9:23 a.m.8 views

CVE-2025-6730 Bonanza – WooCommerce Free Gifts Lite <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Opt In Success

The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the xlooptincall function in all versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS0.00184EPSS
Exploits0References2
Rows per page
Query Builder