VYPR

All in One Time Clock Lite

by All in One Time Clock Lite

CVEs (1)

  • CVE-2025-11758MedNov 4, 2025
    risk 0.35cvss 6.5epss 0.00

    The All in One Time Clock Lite plugin for WordPress is vulnerable to unauthorized access due to a missing authorization check in all versions up to, and including, 2.0.3. This is due to the plugin exposing admin-level AJAX actions to unauthenticated users via wp_ajax_nopriv_…