5 matches found
EUVD-2026-11872
Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through = 3.9.0...
CVE-2025-63015 WordPress WooCommerce Payment Gateway – Paysera plugin <= 3.10.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in paysera WooCommerce Payment Gateway - Paysera woo-payment-gateway-paysera allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Payment Gateway - Paysera: from n/a through = 3.10.0...
CVE-2025-31806 WordPress Webling plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uSystems Webling webling allows Stored XSS.This issue affects Webling: from n/a through = 3.9.0...
GHSA-3R28-RGP9-QGV4 pf4j vulnerable to remote code execution via the zippluginPath parameter
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...
Rocket.Chat Cross-Site Scripting Vulnerability (CNVD-2021-09040)
Rocket.Chat is an open source team chat software. A cross-site scripting vulnerability exists in Rocket.Chat server versions prior to 3.9.0, which stems from the drag-and-drop functionality being susceptible to XSS attacks. No details of the vulnerability are available at this time...