Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2025/12/17 10:2 a.m.4 views

CVE-2025-66131

Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through = 2.2.11...

5.3CVSS5.9AI score0.0023EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/16 9:31 a.m.6 views

EUVD-2025-203579

Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through = 2.2.10...

9.1CVSS6.5AI score0.0023EPSS
Exploits0References2
NVD
NVD
added 2025/12/16 9:15 a.m.5 views

CVE-2025-66131

Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through = 2.2.11...

5.3CVSS0.0023EPSS
Exploits0References1
CVE
CVE
added 2025/12/16 8:12 a.m.9 views

CVE-2025-66131

Technical details for CVE-2025-66131 (Yaad Sarig Payment Gateway for WC) are not provided in the connected documents. Public information about affected versions, root cause, impact, or fix is not available here; monitor for updates.

5.3CVSS5.9AI score0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/16 8:12 a.m.1 views

CVE-2025-66131 WordPress Yaad Sarig Payment Gateway For WC plugin <= 2.2.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through = 2.2.11...

5.3CVSS5.1AI score0.0023EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/16 8:12 a.m.32 views

CVE-2025-66131 WordPress Yaad Sarig Payment Gateway For WC plugin <= 2.2.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payment-gateway-for-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yaad Sarig Payment Gateway For WC: from n/a through = 2.2.11...

5.3CVSS0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.3 views

WordPress plugin Yaad Sarig Payment Gateway For WC 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.6AI score0.0023EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.7 views

PT-2025-51419

Name of the Vulnerable Software and Affected Versions Yaad Sarig Payment Gateway For WC versions through 2.2.10 Description The Yaad Sarig Payment Gateway For WC contains a flaw related to incorrectly configured access control security levels, potentially allowing unauthorized access. The issue i...

9.1CVSS6.5AI score0.0023EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/12/15 5:2 p.m.4 views

WordPress Yaad Sarig Payment Gateway For WC plugin <= 2.2.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Yaad Sarig Payment Gateway For WC versions = 2.2.11...

9.1CVSS5.2AI score0.0023EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-33443

Malicious code in bioql PyPI...

5.4CVSS8.6AI score0.00275EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:40 a.m.6 views

CVE-2024-10665

The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpayviewlogcallback and yaadpaydeletelogcallback functions in all versions up to, and including, 2.2.4. This makes it possible for...

5.4CVSS6.4AI score0.00275EPSS
Exploits0References1
NVD
NVD
added 2024/11/20 10:15 a.m.10 views

CVE-2024-10665

The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpayviewlogcallback and yaadpaydeletelogcallback functions in all versions up to, and including, 2.2.4. This makes it possible for...

5.4CVSS0.00275EPSS
Exploits0References3
CVE
CVE
added 2024/11/20 9:31 a.m.43 views

CVE-2024-10665

The CVE-2024-10665 entry concerns the Yaad Sarig Payment Gateway For WC WordPress plugin. The connected documents confirm a root cause: a missing capability check in the yaadpay_view_log_callback() and yaadpay_delete_log_callback() functions, allowing authenticated attackers with Subscriber-level...

5.4CVSS5.1AI score0.00275EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/20 9:31 a.m.12 views

CVE-2024-10665 Yaad Sarig Payment Gateway For WC <= 2.2.4 - Missing Authorization to Authenticated (Subscriber+) Log Read/Deletion

The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpayviewlogcallback and yaadpaydeletelogcallback functions in all versions up to, and including, 2.2.4. This makes it possible for...

5.4CVSS0.00275EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/20 9:31 a.m.6 views

CVE-2024-10665 Yaad Sarig Payment Gateway For WC <= 2.2.4 - Missing Authorization to Authenticated (Subscriber+) Log Read/Deletion

The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpayviewlogcallback and yaadpaydeletelogcallback functions in all versions up to, and including, 2.2.4. This makes it possible for...

5.4CVSS6.5AI score0.00275EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/11/20 12:0 a.m.3 views

WordPress plugin Yaad Sarig Payment Gateway For WC 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

5.4CVSS8.1AI score0.00275EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/20 12:0 a.m.3 views

PT-2024-16441 · WordPress · Yaad Sarig Payment Gateway For Wc

Name of the Vulnerable Software and Affected Versions: Yaad Sarig Payment Gateway For WC plugin for WordPress versions up to, and including, 2.2.4 Description: The issue is related to a missing capability check on the yaadpay view log callback and yaadpay delete log callback functions. This allow...

5.4CVSS8.9AI score0.00275EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/11/19 10:27 p.m.4 views

WordPress Yaad Sarig Payment Gateway For WC plugin <= 2.2.4 - Missing Authorization to Authenticated (Subscriber+) Log Read/Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Log Read/Deletion vulnerability discovered by BrokenAC ignore in WordPress Plugin Yaad Sarig Payment Gateway For WC versions = 2.2.4...

5.4CVSS7AI score0.00275EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/19 12:0 a.m.9 views

WordPress Yaad Sarig Payment Gateway For WC Plugin <= 2.2.4 is vulnerable to Broken Access Control

Software Yaad Sarig Payment Gateway For WC Type Plugin Vulnerable versions = 2.2.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10665 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 3abf69feafbc Credits BrokenAC igno...

5.4CVSS5.4AI score0.00275EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder