Lucene search
K

98 matches found

NVD
NVD
added 2026/07/02 12:17 p.m.8 views

CVE-2026-57674

Unauthenticated Cross Site Scripting XSS in Timetics = 1.0.58 versions...

7.1CVSS0.00191EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:15 a.m.7 views

CVE-2026-57674

Unauthenticated Cross Site Scripting XSS in Timetics = 1.0.58 versions...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 11:15 a.m.7 views

EUVD-2026-41285

Unauthenticated Cross Site Scripting XSS in Timetics = 1.0.58 versions...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.14 views

CVE-2026-57674

CVE-2026-57674 affects WordPress Timetics plugin versions up to 1.0.58, with an unauthenticated Cross Site Scripting (XSS) vulnerability. The available documents identify the affected product and the issue type, including a CVSS 3.1 base score of 7.1 (HIGH) with network access, no privileges requ...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/30 2:59 p.m.6 views

WordPress Timetics plugin <= 1.0.58 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin Timetics versions = 1.0.58...

7.1CVSS5.8AI score0.00191EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.11 views

CVE-2026-39432

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

8.2CVSS5.4AI score0.00244EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 9:31 a.m.9 views

EUVD-2026-29392

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

8.2CVSS5.8AI score0.00244EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 9:16 a.m.16 views

CVE-2026-39432

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

8.2CVSS0.00244EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 7:49 a.m.14 views

CVE-2026-39432

CVE-2026-39432 affects WordPress Timetics plugin (versions ≤ 1.0.53). The issue is a Missing Authorization vulnerability described as Broken Access Control, allowing exploitation due to incorrectly configured access control levels. CVSSv3.1 base score 8.2 (HIGH) with network attack vector, low at...

8.2CVSS5.8AI score0.00244EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:49 a.m.7 views

CVE-2026-39432

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

8.2CVSS5.8AI score0.00244EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 7:49 a.m.39 views

CVE-2026-39432 WordPress Timetics plugin <= 1.0.53 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

8.2CVSS0.00244EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 7:49 a.m.7 views

CVE-2026-39432 WordPress Timetics plugin <= 1.0.53 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

8.2CVSS5.8AI score0.00244EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

WordPress plugin Timetics 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.2CVSS5.8AI score0.00244EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.11 views

PT-2026-39947

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

8.2CVSS5.8AI score0.00244EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/04/07 11:39 a.m.5 views

WordPress Timetics plugin <= 1.0.53 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Simone Maion in WordPress Plugin Timetics versions = 1.0.53...

5.9AI score0.00244EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:19 p.m.5 views

CVE-2025-15473

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

4.3CVSS5.8AI score0.00164EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/12 11:11 p.m.15 views

WordPress Timetics plugin < 1.0.52 - Unauthenticated Payment/Booking Status Update vulnerability

Unauthenticated Payment/Booking Status Update vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Timetics versions 1.0.52...

4.3CVSS5.8AI score0.00164EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/12 6:31 a.m.4 views

EUVD-2025-208611

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

4.3CVSS5.8AI score0.00164EPSS
Exploits0References2
NVD
NVD
added 2026/03/12 6:16 a.m.5 views

CVE-2025-15473

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

4.3CVSS0.00164EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/12 6:0 a.m.2 views

CVE-2025-15473 Timetics < 1.0.52 - Unauthenticated Payment/Booking Status Update

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

5.8AI score0.00164EPSS
Exploits0References1
Rows per page
Query Builder