Skip to main content

The Moneytizer

3 CVEs product

Monthly

CVE-2026-39685 MEDIUM This Month

Missing authorization in The Moneytizer WordPress plugin through version 10.0.10 allows unauthenticated remote attackers to modify content via incorrectly configured access control, enabling unauthorized data integrity changes without requiring authentication or user interaction. While CVSS scores 5.3 (medium) and EPSS exploitation probability is minimal at 0.02%, the lack of authentication requirements and network accessibility make this a persistent authorization bypass affecting all installations of vulnerable versions.

Authentication Bypass The Moneytizer
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2023-6968 HIGH This Week

The The Moneytizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.6.3. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass CSRF The Moneytizer
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2023-6966 HIGH PATCH This Week

The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX functions in the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass PHP WordPress The Moneytizer
NVD
CVSS 3.1
8.1
EPSS
0.4%
EPSS 0% CVSS 5.3
MEDIUM This Month

Missing authorization in The Moneytizer WordPress plugin through version 10.0.10 allows unauthenticated remote attackers to modify content via incorrectly configured access control, enabling unauthorized data integrity changes without requiring authentication or user interaction. While CVSS scores 5.3 (medium) and EPSS exploitation probability is minimal at 0.02%, the lack of authentication requirements and network accessibility make this a persistent authorization bypass affecting all installations of vulnerable versions.

Authentication Bypass The Moneytizer
NVD
EPSS 0% CVSS 8.1
HIGH This Week

The The Moneytizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.6.3. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass CSRF +1
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX functions in the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass PHP WordPress +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy