19 matches found
CVE-2026-3462
The Frisbii Pay plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'uploadcsv' and 'processbatch' functions in all versions up to, and including, 1.8.9. This makes it possible for authenticated attackers, with Subscriber-level access an...
CVE-2026-3462
The Frisbii Pay plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'uploadcsv' and 'processbatch' functions in all versions up to, and including, 1.8.9. This makes it possible for authenticated attackers, with Subscriber-level access an...
CVE-2026-3462
CVE-2026-3462 affects the Frisbii Pay plugin for WordPress (all versions up to 1.8.9). The vulnerability arises from missing capability checks on upload_csv and process_batch, enabling authenticated attackers with Subscriber-level access or higher to modify data by uploading arbitrary CSVs and ov...
CVE-2026-3462 Frisbii Pay <= 1.8.9 - Missing Authorization to Authenticated (Subscriber+) Payment Token Modification
The Frisbii Pay plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'uploadcsv' and 'processbatch' functions in all versions up to, and including, 1.8.9. This makes it possible for authenticated attackers, with Subscriber-level access an...
PT-2026-53057
Name of the Vulnerable Software and Affected Versions Frisbii Pay versions prior to 1.9.0 Description Authenticated users with Subscriber-level access and above can perform unauthorized modification of data. This is caused by missing capability checks in the upload csv and process batch functions...
CVE-2026-56038
Contributor Privilege Escalation in Frisbii Pay = 1.8.2 versions...
CVE-2026-56038 WordPress Frisbii Pay plugin <= 1.8.2 - Privilege Escalation vulnerability
Contributor Privilege Escalation in Frisbii Pay = 1.8.2 versions...
CVE-2026-56038
The CVE-2026-56038 entry concerns the WordPress Frisbii Pay plugin, affected on versions ≤ 1.8.2. The connected documents identify a privilege-escalation issue titled “Contributor Privilege Escalation,” indicating an attacker with low access could elevate to contributor privileges. The root cause...
EUVD-2026-39700
Contributor Privilege Escalation in Frisbii Pay = 1.8.2 versions...
WordPress Frisbii Pay plugin <= 1.8.2 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Denver Jackson in WordPress Plugin Frisbii Pay versions = 1.8.2...
EUVD-2025-26550
Malicious code in bioql PyPI...
CVE-2025-58616
Missing Authorization vulnerability in Frisbii Frisbii Pay reepay-checkout-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frisbii Pay: from n/a through = 1.8.2.1...
CVE-2025-58616
Missing Authorization vulnerability in Frisbii Frisbii Pay reepay-checkout-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frisbii Pay: from n/a through = 1.8.2.1...
WordPress Frisbii Pay Plugin <= 1.8.2.1 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Denver Jackson in WordPress Plugin Frisbii Pay versions = 1.8.2.1...
CVE-2025-58616
CVE-2025-58616 concerns the WordPress Frisbii Pay plugin (versions up to 1.8.2.1) with a Missing Authorization / Broken Access Control vulnerability. The issue arises from incorrectly configured access control, enabling unauthorized actions. CVSS v3.1 base score 6.5 (Network, Low attack complexit...
CVE-2025-58616 WordPress Frisbii Pay Plugin <= 1.8.2.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Frisbii Frisbii Pay reepay-checkout-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frisbii Pay: from n/a through = 1.8.2.1...
CVE-2025-58616 WordPress Frisbii Pay Plugin <= 1.8.2.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Frisbii Frisbii Pay reepay-checkout-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frisbii Pay: from n/a through = 1.8.2.1...
WordPress plugin Frisbii Pay 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
PT-2025-35750
Name of the Vulnerable Software and Affected Versions: Frisbii Pay versions through 1.8.2.1 Description: A missing authorization issue exists in Frisbii Pay, allowing exploitation due to incorrectly configured access control security levels. Recommendations: At the moment, there is no information...