Skip to main content

Pos Entegrat R

1 CVEs product

Monthly

CVE-2026-57688 HIGH This Week

Missing authorization in the POS Entegratör WordPress plugin (versions <= 3.7.103, vendor gurmehub) lets unauthenticated remote attackers reach privileged plugin functions that lack capability checks, enabling unauthorized modification of data with limited service disruption. The flaw is remotely reachable with no authentication or user interaction (CVSS 8.2), but has no confidentiality impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass Pos Entegrat R
NVD
CVSS 3.1
8.2
EPSS
0.2%
EPSS 0% CVSS 8.2
HIGH This Week

Missing authorization in the POS Entegratör WordPress plugin (versions <= 3.7.103, vendor gurmehub) lets unauthenticated remote attackers reach privileged plugin functions that lack capability checks, enabling unauthorized modification of data with limited service disruption. The flaw is remotely reachable with no authentication or user interaction (CVSS 8.2), but has no confidentiality impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass Pos Entegrat R
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy