Lucene search
K

11 matches found

NVD
NVD
added 2026/06/24 7:16 a.m.11 views

CVE-2026-9175

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.0. This is due to the getsingleaccount REST API callback being registered with a permissioncallback that unconditionally returns tru...

5.3CVSS0.00348EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.35 views

CVE-2026-9172 Devs Accounting <= 1.2.0 - Missing Authorization to Unauthenticated Account Deletion via /delete-account/ REST Endpoint

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to unauthorized modification/deletion of data due to a missing capability check on the deletesingleaccount function in versions up to, and including, 1.2.0. The REST route...

5.3CVSS0.00227EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 5:33 a.m.5 views

CVE-2026-9172

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to unauthorized modification/deletion of data due to a missing capability check on the deletesingleaccount function in versions up to, and including, 1.2.0. The REST route...

5.3CVSS6AI score0.00227EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 5:33 a.m.7 views

EUVD-2026-38677

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to unauthorized modification/deletion of data due to a missing capability check on the deletesingleaccount function in versions up to, and including, 1.2.0. The REST route...

5.3CVSS6AI score0.00227EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 5:33 a.m.14 views

CVE-2026-9172

WordPress plugin Devs Accounting – Simple Accounting and Invoicing Solution (versions up to 1.2.0) is vulnerable to unauthorized modification/deletion of data due to a missing capability check in delete_single_account(), with the REST route devs-accounting/v1/delete-account/(?P\d+) registered wit...

5.3CVSS6AI score0.00227EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 5:33 a.m.10 views

EUVD-2026-38659

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.0. This is due to the getsingleaccount REST API callback being registered with a permissioncallback that unconditionally returns tru...

5.3CVSS6AI score0.00348EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.36 views

CVE-2026-9175 Devs Accounting <= 1.2.0 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'id' Parameter

The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.0. This is due to the getsingleaccount REST API callback being registered with a permissioncallback that unconditionally returns tru...

5.3CVSS0.00348EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.16 views

PT-2026-51691

Name of the Vulnerable Software and Affected Versions Devs Accounting – Simple Accounting and Invoicing Solution versions prior to 1.2.1 Description The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress contains a missing authorization flaw. The get single account...

5.3CVSS5.7AI score0.00348EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51690

Name of the Vulnerable Software and Affected Versions Devs Accounting – Simple Accounting and Invoicing Solution versions prior to 1.2.1 Description A missing capability check in the delete single account function allows unauthorized modification or deletion of data. The REST route...

5.3CVSS5.9AI score0.00227EPSS
Exploits0References9
Patchstack
Patchstack
added 2026/06/23 4:39 p.m.5 views

WordPress Devs Accounting – Simple Accounting and Invoicing Solution plugin <= 1.2.0 - Missing Authorization to Unauthenticated Account Deletion vulnerability

Missing Authorization to Unauthenticated Account Deletion vulnerability discovered by jamaal in WordPress Plugin Devs Accounting – Simple Accounting and Invoicing Solution versions = 1.2.0...

5.3CVSS5.8AI score0.00227EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/23 4:39 p.m.4 views

WordPress Devs Accounting – Simple Accounting and Invoicing Solution plugin <= 1.2.0 - Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability

Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability discovered by jamaal in WordPress Plugin Devs Accounting – Simple Accounting and Invoicing Solution versions = 1.2.0...

5.3CVSS5.8AI score0.00348EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder