4 matches found
WordPress KiotViet Sync plugin <= 1.8.5 - Unauthenticated Webhook Key Exposure vulnerability
Unauthenticated Webhook Key Exposure vulnerability discovered by kr0d in WordPress Plugin KiotViet Sync versions = 1.8.5...
CVE-2025-62978 WordPress KiotViet Sync plugin <= 1.8.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Kiotviet KiotViet Sync kiotvietsync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KiotViet Sync: from n/a through = 1.8.5...
CVE-2025-62978
CVE-2025-62978 is a Missing Authorization / Broken Access Control vulnerability affecting KiotViet Sync for WordPress (≤ 1.8.5). The advisory notes insufficient access control configuration; CVSS v3.1 base score 4.3 (Medium) with network attack vector and low privileges required. The Red Hat/NVD ...
WordPress KiotViet Sync plugin <= 1.8.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin KiotViet Sync versions = 1.8.5...