Browse all 4 CVE security advisories affecting oliverpos. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Oliverpos is a point-of-sale system designed for retail and hospitality environments, processing transactions and managing inventory. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, often stemming from improper input validation and access control weaknesses. The system has demonstrated security concerns through three publicly disclosed CVEs, highlighting risks in web interfaces and backend components. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential for unauthorized access, data breaches, and system compromise in deployed environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-6072 | Oliver POS <= 2.4.2.6 - Unauthenticated Authorization Bypass Through User-Controlled Key to 'OliverAuth' Header — Oliver POS – A WooCommerce Point of Sale (POS)CWE-639 | 6.5 | Medium | 2026-05-20 |
| CVE-2024-13513 | Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.2.3 - Sensitive Information Exposure to Privilege Escalation — Oliver POS – A WooCommerce Point of Sale (POS)CWE-862 | 9.8 | Critical | 2025-02-15 |
| CVE-2024-1954 | Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.1.8 - Cross-Site Request Forgery — Oliver POS – A WooCommerce Point of Sale (POS)CWE-352 | 6.3 | Medium | 2024-02-28 |
| CVE-2024-0702 | Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.2.1 - Missing Authorization — Oliver POS – A WooCommerce Point of Sale (POS)CWE-862 | 7.3 | High | 2024-02-20 |
This page lists every published CVE security advisory associated with oliverpos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.