19 matches found
CVE-2025-66131
Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through = 2.2.11...
EUVD-2025-203579
Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through = 2.2.10...
CVE-2025-66131
Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through = 2.2.11...
CVE-2025-66131
Technical details for CVE-2025-66131 (Yaad Sarig Payment Gateway for WC) are not provided in the connected documents. Public information about affected versions, root cause, impact, or fix is not available here; monitor for updates.
CVE-2025-66131 WordPress Yaad Sarig Payment Gateway For WC plugin <= 2.2.11 - Broken Access Control vulnerability
Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through = 2.2.11...
CVE-2025-66131 WordPress Yaad Sarig Payment Gateway For WC plugin <= 2.2.11 - Broken Access Control vulnerability
Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through = 2.2.11...
WordPress plugin Yaad Sarig Payment Gateway For WC 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-51419
Name of the Vulnerable Software and Affected Versions Yaad Sarig Payment Gateway For WC versions through 2.2.10 Description The Yaad Sarig Payment Gateway For WC contains a flaw related to incorrectly configured access control security levels, potentially allowing unauthorized access. The issue i...
WordPress Yaad Sarig Payment Gateway For WC plugin <= 2.2.11 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Yaad Sarig Payment Gateway For WC versions = 2.2.11...
EUVD-2024-33443
Malicious code in bioql PyPI...
CVE-2024-10665
The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpayviewlogcallback and yaadpaydeletelogcallback functions in all versions up to, and including, 2.2.4. This makes it possible for...
CVE-2024-10665
The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpayviewlogcallback and yaadpaydeletelogcallback functions in all versions up to, and including, 2.2.4. This makes it possible for...
CVE-2024-10665
The CVE-2024-10665 entry concerns the Yaad Sarig Payment Gateway For WC WordPress plugin. The connected documents confirm a root cause: a missing capability check in the yaadpay_view_log_callback() and yaadpay_delete_log_callback() functions, allowing authenticated attackers with Subscriber-level...
CVE-2024-10665 Yaad Sarig Payment Gateway For WC <= 2.2.4 - Missing Authorization to Authenticated (Subscriber+) Log Read/Deletion
The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpayviewlogcallback and yaadpaydeletelogcallback functions in all versions up to, and including, 2.2.4. This makes it possible for...
CVE-2024-10665 Yaad Sarig Payment Gateway For WC <= 2.2.4 - Missing Authorization to Authenticated (Subscriber+) Log Read/Deletion
The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpayviewlogcallback and yaadpaydeletelogcallback functions in all versions up to, and including, 2.2.4. This makes it possible for...
WordPress plugin Yaad Sarig Payment Gateway For WC 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
PT-2024-16441 · WordPress · Yaad Sarig Payment Gateway For Wc
Name of the Vulnerable Software and Affected Versions: Yaad Sarig Payment Gateway For WC plugin for WordPress versions up to, and including, 2.2.4 Description: The issue is related to a missing capability check on the yaadpay view log callback and yaadpay delete log callback functions. This allow...
WordPress Yaad Sarig Payment Gateway For WC plugin <= 2.2.4 - Missing Authorization to Authenticated (Subscriber+) Log Read/Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Log Read/Deletion vulnerability discovered by BrokenAC ignore in WordPress Plugin Yaad Sarig Payment Gateway For WC versions = 2.2.4...
WordPress Yaad Sarig Payment Gateway For WC Plugin <= 2.2.4 is vulnerable to Broken Access Control
Software Yaad Sarig Payment Gateway For WC Type Plugin Vulnerable versions = 2.2.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10665 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 3abf69feafbc Credits BrokenAC igno...