Lucene search
K

16 matches found

Patchstack
Patchstack
added 2026/06/24 1:41 p.m.6 views

WordPress Kargo Takip plugin <= 1.2 - Unauthenticated Server-Side Request Forgery vulnerability

Unauthenticated Server-Side Request Forgery vulnerability discovered by Eason - The University of Sydney in WordPress Plugin Kargo Takip versions = 1.2...

7.2CVSS5.8AI score0.0029EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/24 7:16 a.m.10 views

CVE-2026-12095

The Kargo Takip plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2 via the 'apiurl' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...

7.2CVSS0.0029EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 5:33 a.m.10 views

CVE-2026-12095

The CVE-2026-12095 entry concerns the WordPress plugin Kargo Takip (versions up to 1.2). It describes an unauthenticated Server-Side Request Forgery (SSRF) via the api_url parameter, enabling an attacker to cause the application to make web requests to arbitrary locations from within the web app....

7.2CVSS6AI score0.0029EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 5:33 a.m.6 views

CVE-2026-12095

The Kargo Takip plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2 via the 'apiurl' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...

7.2CVSS6AI score0.0029EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/24 5:33 a.m.8 views

EUVD-2026-38670

The Kargo Takip plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2 via the 'apiurl' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...

7.2CVSS6AI score0.0029EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.33 views

CVE-2026-12095 Kargo Takip <= 1.2 - Unauthenticated Server-Side Request Forgery via 'api_url' Parameter

The Kargo Takip plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2 via the 'apiurl' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...

7.2CVSS0.0029EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51672

Name of the Vulnerable Software and Affected Versions Kargo Takip versions prior to 1.3 Description The Kargo Takip plugin for WordPress contains a Server-Side Request Forgery SSRF issue. This allows unauthenticated attackers to initiate web requests to arbitrary locations from the web applicatio...

7.2CVSS5.9AI score0.0029EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/03/26 5:5 p.m.5 views

CVE-2026-25365

Missing Authorization vulnerability in Özgür KARALAR Kargo Takip kargo-takip-turkiye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kargo Takip: from n/a through 0.2.4...

6.5CVSS5.8AI score0.00315EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.4 views

EUVD-2026-15687

Missing Authorization vulnerability in Özgür KARALAR Kargo Takip kargo-takip-turkiye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kargo Takip: from n/a through 0.2.4...

5.8AI score0.00315EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:16 p.m.6 views

CVE-2026-25365

Missing Authorization vulnerability in Özgür KARALAR Kargo Takip kargo-takip-turkiye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kargo Takip: from n/a through 0.2.4...

6.5CVSS0.00315EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.7 views

CVE-2026-25365

CVE-2026-25365 describes a Missing Authorization vulnerability in the Kargo Takip WordPress plugin affecting versions &lt; 0.2.4. Public sources flag Missing Authorization for Kargo Takip (

6.5CVSS5.8AI score0.00315EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.1 views

CVE-2026-25365 WordPress Kargo Takip plugin < 0.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Özgür KARALAR Kargo Takip kargo-takip-turkiye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kargo Takip: from n/a through 0.2.4...

6.5CVSS5.8AI score0.00315EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.31 views

CVE-2026-25365 WordPress Kargo Takip plugin < 0.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Özgür KARALAR Kargo Takip kargo-takip-turkiye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kargo Takip: from n/a through 0.2.4...

6.5CVSS0.00315EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

WordPress plugin Kargo Takip 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

6.5CVSS5.8AI score0.00315EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.8 views

PT-2026-27923

Name of the Vulnerable Software and Affected Versions Kargo Takip versions prior to 0.2.4 Description A missing authorization flaw exists in Özgür KARALAR Kargo Takip kargo-takip-turkiye. This issue stems from incorrectly configured access control security levels, potentially allowing unauthorize...

6.5CVSS5.9AI score0.00315EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/03/20 5:59 p.m.7 views

WordPress Kargo Takip plugin < 0.2.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Kargo Takip versions 0.2.4...

6.5CVSS5.8AI score0.00315EPSS
Exploits0Affected Software1
Rows per page
Query Builder