Vulnerabilities in Codebangers
5 resultsCVE-2022-44594MEDIUMWordPress All in One Time Clock Lite Plugin <= 1.3.320 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-11758MEDIUMAll in One Time Clock Lite – Tracking Employee Time Has Never Been Easier <= 2.0.3 - Missing Authorization to Page Creation and Information ExposureEPSS 0.2%CVE-2025-6832MEDIUMAll in One Time Clock Lite – Tracking Employee Time Has Never Been Easier <= 2.0 - Reflected Cross-Site ScriptingEPSS 0.2%CVE-2025-6833MEDIUMAll in One Time Clock Lite – Tracking Employee Time Has Never Been Easier <= 2.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Clocking In/OutEPSS 0.2%CVE-2025-46513MEDIUMWordPress All in One Time Clock Lite plugin < 1.3.326 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%