17 matches found
CVE-2025-67994
Missing Authorization vulnerability in YayCommerce YayCurrency yaycurrency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayCurrency: from n/a through = 3.3...
CVE-2025-67994
Missing Authorization vulnerability in YayCommerce YayCurrency yaycurrency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayCurrency: from n/a through = 3.3...
CVE-2025-67994 WordPress YayCurrency plugin <= 3.3 - Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in YayCommerce YayCurrency yaycurrency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayCurrency: from n/a through = 3.3...
CVE-2025-67994 WordPress YayCurrency plugin <= 3.3 - Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in YayCommerce YayCurrency yaycurrency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayCurrency: from n/a through = 3.3...
CVE-2025-67994
CVE-2025-67994 is a confirmed Missing Authorization vulnerability in the WordPress plugin YayCurrency (YayCommerce YayCurrency) affecting YayCurrency versions up to and including 3.3, allowing unauthorized content deletion. Red Hat/NVD/NVD-derived and CVE databases reference the same issue; Wordf...
WordPress plugin YayCurrency 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-21062
Name of the Vulnerable Software and Affected Versions YayCommerce YayCurrency versions through 3.3 Description An authorization issue exists in YayCommerce YayCurrency that allows exploitation of incorrectly configured access control security levels. Recommendations At the moment, there is no...
WordPress YayCurrency plugin <= 3.3 - Arbitrary Content Deletion vulnerability
Arbitrary Content Deletion vulnerability discovered by Denver Jackson in WordPress Plugin YayCurrency versions = 3.3...
EUVD-2025-31286
Malicious code in bioql PyPI...
CVE-2025-60114
Improper Control of Generation of Code 'Code Injection' vulnerability in YayCommerce YayCurrency yaycurrency allows Code Injection.This issue affects YayCurrency: from n/a through = 3.3.1...
WordPress YayCurrency plugin <= 3.3.1 - Remote Code Execution (RCE) vulnerability
Remote Code Execution RCE vulnerability discovered by Nabil Irawan in WordPress Plugin YayCurrency versions = 3.3.1...
CVE-2025-60114
Improper Control of Generation of Code 'Code Injection' vulnerability in YayCommerce YayCurrency yaycurrency allows Code Injection.This issue affects YayCurrency: from n/a through = 3.3.1...
CVE-2025-60114 WordPress YayCurrency plugin <= 3.3.1 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in YayCommerce YayCurrency yaycurrency allows Code Injection.This issue affects YayCurrency: from n/a through = 3.3.1...
CVE-2025-60114 WordPress YayCurrency plugin <= 3.3.1 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in YayCommerce YayCurrency yaycurrency allows Code Injection.This issue affects YayCurrency: from n/a through = 3.3.1...
CVE-2025-60114
CVE-2025-60114 : YayCurrency (WooCommerce Multi-Currency Switcher)
WordPress plugin YayCurrency 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injecti...
PT-2025-39561
Name of the Vulnerable Software and Affected Versions YayCommerce YayCurrency versions through 3.2 Description A code injection issue exists in YayCommerce YayCurrency. The flaw is due to improper control of code generation. Successful exploitation could allow attackers to inject and execute...