5 matches found
EUVD-2025-21952
Malicious code in bioql PyPI...
CVE-2025-6721
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the mrkvvchasnokasawcdometaboxaction function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to generate invoices for arbitrar...
CVE-2025-6721 Vchasno Kasa <= 1.0.3 - Missing Authorization to Unauthenticated Invoice Generation
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the mrkvvchasnokasawcdometaboxaction function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to generate invoices for arbitrar...
PT-2025-30118 · WordPress · Vchasno Kasa
Name of the Vulnerable Software and Affected Versions: Vchasno Kasa plugin for WordPress versions up to and including 1.0.3 Description: The Vchasno Kasa plugin for WordPress is susceptible to unauthorized data access due to a missing capability check within the mrkv vchasno kasa wc do metabox...
PT-2025-30117 · WordPress · Vchasno Kasa
Name of the Vulnerable Software and Affected Versions: Vchasno Kasa plugin for WordPress versions up to and including 1.0.3 Description: The Vchasno Kasa plugin for WordPress is susceptible to unauthorized data loss. This is due to a missing capability check within the clear all log function,...