3 matches found
CVE-2026-24606
CVE-2026-24606 is a Missing Authorization (Broken Access Control) vulnerability in Bayarcash WooCommerce (bayarcash-wc) up to and including version 4.3.11 (and patched up to 4.3.12 per Patchstack). Exploitation relies on incorrectly configured access control security levels. Affected product: Bay...
CVE-2024-2541
The Popup Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the Subscribers Import feature. This makes it possible for unauthenticated attackers to extract sensitive data after an administrator has imported subscribers via...
Axiros AXESS ACS Security Breach
Axiros AXESS ACS is an industry flagship software application from Axiros, Inc. Designed to address automated service provisioning, service monitoring and service assurance. A security vulnerability exists in Axiros AXESS ACS versions 4.x prior to 4.3.2 and 5.0.0 that stems from an authorization...