PUB-A-472711335

In WC-Radio, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-42753

Missing Authorization vulnerability in WC Lovers WCFM Membership wc-multivendor-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCFM Membership: from n/a through = 2.11.10...

CVE-2026-42753

Missing Authorization vulnerability in WC Lovers WCFM Membership wc-multivendor-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCFM Membership: from n/a through = 2.11.10...

PT-2026-43661

Missing Authorization vulnerability in WC Lovers WCFM Membership wc-multivendor-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCFM Membership: from n/a through = 2.11.10...

CVE-2025-63029

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WC Lovers WCFM Marketplace wc-multivendor-marketplace allows SQL Injection.This issue affects WCFM Marketplace: from n/a through = 3.7.1...

EUVD-2025-209485

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WC Lovers WCFM Marketplace allows SQL Injection.This issue affects WCFM Marketplace: from n/a through 3.7.1...

CVE-2025-63029

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WC Lovers WCFM Marketplace wc-multivendor-marketplace allows SQL Injection.This issue affects WCFM Marketplace: from n/a through = 3.7.1...

CVE-2025-63029

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WC Lovers WCFM Marketplace allows SQL Injection.This issue affects WCFM Marketplace: from n/a through 3.7.1...

PT-2026-33097

Name of the Vulnerable Software and Affected Versions WCFM Marketplace versions n/a through 3.7.1 Description Improper Neutralization of Special Elements used in an SQL Command, also known as SQL Injection, allows for the execution of unauthorized SQL commands. Recommendations At the moment, ther...

CVE-2026-39608

Missing Authorization vulnerability in iPOSPays iPOSpays Gateways WC ipospays-gateways-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iPOSpays Gateways WC: from n/a through = 1.3.7...

CVE-2026-39705

CVE-2026-39705 concerns the WordPress plugin MIPL WC Multisite Sync by Mulika Team, vulnerable through a missing/incorrect authorization mechanism. The issue affects versions through 1.4.4 and is categorized as Broken Access Control due to improperly configured access control security levels. Pub...

WordPress plugin MIPL WC Multisite Sync 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Malicious Package

Overview wc-skroutz-analytics is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MINI-WC3C-8RPX-GF63

Bulletin has no description...

CVE-2025-68032

Missing Authorization vulnerability in Passionate Brains Advanced WC Analytics advance-wc-analytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced WC Analytics: from n/a through = 3.19.0...

CVE-2025-68032 WordPress Advanced WC Analytics plugin <= 3.19.0 - Settings Change vulnerability

Missing Authorization vulnerability in Passionate Brains Advanced WC Analytics advance-wc-analytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced WC Analytics: from n/a through = 3.19.0...

CVE-2025-68032

CVE-2025-68032 (WordPress Advanced WC Analytics

CVE-2025-68032 WordPress Advanced WC Analytics plugin <= 3.19.0 - Settings Change vulnerability

Missing Authorization vulnerability in Passionate Brains Advanced WC Analytics advance-wc-analytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced WC Analytics: from n/a through = 3.19.0...

WordPress Advanced WC Analytics plugin <= 3.19.0 - Settings Change vulnerability

Settings Change vulnerability discovered by Legion Hunter in WordPress Plugin Advanced WC Analytics versions = 3.19.0...

MiracleLinux 4 : busybox-1.15.1-20.AXS4 (AXSA:2014-023:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-023:01 advisory. Busybox is a single binary which includes versions of a large number of system commands, including a shell. This package can be very useful for recovering fro...