Skip to main content

B2Bking

3 CVEs product

Monthly

CVE-2026-27346 MEDIUM PATCH This Month

Missing authorization controls in the B2BKing WordPress plugin (versions prior to 5.2.10) allow authenticated high-privileged attackers to exploit incorrectly configured access control security levels, resulting in unauthorized data or configuration modification (high integrity impact). No confidentiality or availability impact is indicated by the CVSS vector. No public exploit identified at time of analysis, and CISA SSVC rates exploitation as none with partial technical impact, suggesting limited real-world threat at this time.

Authentication Bypass B2Bking
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2023-3126 MEDIUM POC This Month

The B2BKing plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'b2bkingdownloadpricelist' function in versions up to, and including, 4.6.00. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass B2Bking
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-3125 MEDIUM POC This Month

The B2BKing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'b2bking_save_price_import' function in versions up to, and including,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass B2Bking
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Missing authorization controls in the B2BKing WordPress plugin (versions prior to 5.2.10) allow authenticated high-privileged attackers to exploit incorrectly configured access control security levels, resulting in unauthorized data or configuration modification (high integrity impact). No confidentiality or availability impact is indicated by the CVSS vector. No public exploit identified at time of analysis, and CISA SSVC rates exploitation as none with partial technical impact, suggesting limited real-world threat at this time.

Authentication Bypass B2Bking
NVD
EPSS 0% CVSS 4.3
MEDIUM POC This Month

The B2BKing plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'b2bkingdownloadpricelist' function in versions up to, and including, 4.6.00. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass B2Bking
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

The B2BKing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'b2bking_save_price_import' function in versions up to, and including,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass B2Bking
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy