20 matches found
CVE-2026-3124
The CVE-2026-3124 issue affects the WordPress Download Monitor plugin up to version 5.1.7. The root cause is Insecure Direct Object Reference via the executePayment() function due to missing validation on a user controlled key. This enables unauthenticated attackers to complete arbitrary pending ...
CVE-2026-3641 Appmax <= 1.0.3 - Missing Authorization to Order Status Manipulation and Arbitrary Order Creation via Webhook Endpoint
The Appmax plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 1.0.3. This is due to the plugin registering a public REST API webhook endpoint at /webhook-system without implementing webhook signature validation, secret verification, or any...
WordPress Payment Button for PayPal plugin <= 1.2.3.41 - Missing Authorization to Unauthenticated Arbitrary Order Creation vulnerability
Missing Authorization to Unauthenticated Arbitrary Order Creation vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Payment Button for PayPal versions <= 1.2.3.41...
PT-2026-4571
The Wizit Gateway for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Order Cancellation in all versions up to, and including, 1.2.9. This is due to a lack of authentication and authorization checks in the 'handle checkout redirecturl response' function. This makes it...
CVE-2025-14463
CVE-2025-14463 affects the WordPress plugin “Payment Button for PayPal” (versions up to and including 1.2.3.41). The vulnerability arises from a publicly exposed AJAX endpoint (wppaypalcheckout_ajax_process_order) that processes checkout results without authentication or server-side verification,...
CVE-2025-14463 Payment Button for PayPal <= 1.2.3.41 - Missing Authorization to Unauthenticated Arbitrary Order Creation
The Payment Button for PayPal plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 1.2.3.41. This is due to the plugin exposing a public AJAX endpoint wppaypalcheckout_ajax_process_order that processes checkout results without any authentication or...
WordPress Return Refund and Exchange For WooCommerce plugin <= 4.5.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Order Message Read vulnerability
Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary Order Message Read vulnerability discovered by Powpy in WordPress Plugin Return Refund and Exchange For WooCommerce versions <= 4.5.5...
CVE-2024-1686
The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to missing authorization in all versions up to, and including, 1.1.2 via the applylayout function due to a missing capability check. This makes it possible for authenticated attackers, with...
SUSE CVE-2025-46393
In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packetsize is mishandled related to the rendering of all channels in an arbitrary order...
UBUNTU-CVE-2025-46393
In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packetsize is mishandled related to the rendering of all channels in an arbitrary order...
Information disclosure
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and modification of plugin settings due to a missing capability check on multiple AJAX functions in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with...
CVE-2021-4335 Fancy Product Designer <= 4.6.9 - Insufficient Authorization on Multiple AJAX Actions
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and modification of plugin settings due to a missing capability check on multiple AJAX functions in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with...
CVE-2023-2179 WooCommerce Order Status Change Notifier <= 1.1.0 - Subscriber+ Arbitrary Order Status Update
The WooCommerce Order Status Change Notifier WordPress plugin through 1.1.0 does not perform authorisation or CSRF checks when updating order statuses via an AJAX action available to any authenticated user, which could allow low-privilege users such as subscribers to update arbitrary order statuses, making...
WooCommerce Order Status Change Notifier <= 1.1.0 - Subscriber+ Arbitrary Order Status Update
The plugin does not perform authorisation or CSRF checks when updating order statuses via an AJAX action available to any authenticated user, which could allow low-privilege users such as subscribers to update arbitrary order statuses, for example marking them paid without actually paying for them. PoC: Run the...
WooCommerce Order Status Change Notifier <= 1.1.0 - Subscriber+ Arbitrary Order Status Update
The plugin does not perform authorisation or CSRF checks when updating order statuses via an AJAX action available to any authenticated user, which could allow low-privilege users such as subscribers to update arbitrary order statuses, for example marking them paid without actually paying for them. Run the bel...
RestroPress < 2.8.3.1 - Unauthorised AJAX Calls
The plugin did not check for CSRF or capability in some of its AJAX calls, which should only be accessible by admins. As a result, any authenticated user can change arbitrary order statuses, as well as access arbitrary order details including PII such as phone number and address. PoC: Change th...
Paid Membership Pro < 2.5.3 - Unauthorised Order Information Disclosure
The pmprogetorderjson AJAX action, available to authenticated users, did not check for authorisation, allowing any authenticated user to retrieve arbitrary order information such as customer names, email addresses, and order numbers via the orderid parameter. PoC...
WooCommerce < 4.7.0 - Arbitrary Order Status Disclosure via IDOR
"The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the orderid parameter in a fetchorderstatus action." PoC https://example.com/wp-admin/admin-ajax.php?action=fetchorderstatusid=XX...
Information disclosure
member/Orderinfo.asp in ASP4CMS AspCMS 2.7.2 allows remote authenticated users to read arbitrary order information via a modified OrderNo parameter...
CVE-2017-14653
member/Orderinfo.asp in ASP4CMS AspCMS 2.7.2 allows remote authenticated users to read arbitrary order information via a modified OrderNo parameter...