CVE-2026-47696

WWBN AVideo is an open source video platform. In 29.0 and earlier, plugin/AuthorizeNet/processPayment.json.php credits the logged-in user's wallet based only on the attacker-controlled amount POST parameter. The endpoint contains a TODO for real Authorize.Net charging, hardcodes $paymentSuccess =...

WWBN AVideo 安全漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained security vulnerabilities. These vulnerabilities stemmed from the plugin/AuthorizeNet/processPayment.json.php file, which only increased the logged-in user’s wallet...

WordPress Secure Gateway for Authorize.net and WooCommerce by Pledged Plugins plugin <= 6.1.13 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Authorize.Net Payment Gateway For WooCommerce versions = 6.1.13...

CVE-2025-68013

Missing Authorization vulnerability in cardpaysolutions Payment Gateway Authorize.Net CIM for WooCommerce authnet-cim-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway Authorize.Net CIM for WooCommerce: from n/a through = 2.1.2...

CVE-2025-68013

Missing Authorization vulnerability in cardpaysolutions Payment Gateway Authorize.Net CIM for WooCommerce authnet-cim-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway Authorize.Net CIM for WooCommerce: from n/a through = 2.1.2...

CVE-2025-68013 WordPress Payment Gateway Authorize.Net CIM for WooCommerce plugin <= 2.1.2 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in cardpaysolutions Payment Gateway Authorize.Net CIM for WooCommerce authnet-cim-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway Authorize.Net CIM for WooCommerce: from n/a through = 2.1.2...

CVE-2025-68013

Missing Authorization vulnerability in cardpaysolutions Payment Gateway Authorize.Net CIM for WooCommerce authnet-cim-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway Authorize.Net CIM for WooCommerce: from n/a through = 2.1.2...

WordPress Payment Gateway Authorize.Net CIM for WooCommerce plugin <= 2.1.2 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Payment Gateway Authorize.Net CIM for WooCommerce versions = 2.1.2...

EUVD-2025-28053

Malicious code in bioql PyPI...

WordPress plugin Accept Authorize.NET Payments Using Contact Form security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2025-46487

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sftranna EC Authorize.net ec-authorizenet allows Reflected XSS.This issue affects EC Authorize.net: from n/a through = 0.3.3...

PT-2025-5104 · WordPress · Wp Service Payment Form With Authorize.Net

Name of the Vulnerable Software and Affected Versions: WP Service Payment Form With Authorize.net versions n/a through 2.6.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Reflected XSS. This means an attacker can trick a user into performing unintended...

PT-2024-17508 · WordPress · Accept Authorize.Net Payments Using Contact Form 7

Name of the Vulnerable Software and Affected Versions: Accept Authorize.NET Payments Using Contact Form 7 plugin for WordPress versions up to, and including, 2.2 Description: The issue allows unauthenticated attackers to extract configuration data via the cf7adn-info.php file, which can be used t...

WordPress Accept Authorize.NET Payments Using Contact Form 7 plugin <= 2.2 - Unauthenticated Information Exposure vulnerability

Unauthenticated Information Exposure vulnerability discovered by Joshua Chan in WordPress Plugin Accept Authorize.NET Payments Using Contact Form 7 versions = 2.2...

WordPress WP Service Payment Form With Authorize.net plugin <= 2.6.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin WP Service Payment Form With Authorize.net versions = 2.6.3...

WordPress Authorize.net Payment Gateway For WooCommerce plugin <= 8.0 - Insufficient Verification of Data Authenticity to Unauthenticated Payment Bypass vulnerability

Insufficient Verification of Data Authenticity to Unauthenticated Payment Bypass vulnerability discovered by Lucio Sá in WordPress Plugin Authorize.net Payment Gateway For WooCommerce versions = 8.0...

Unintentionally logging credit card transactions

Solar Designer of the Openwall Project reported a security vulnerability in the contributed authorizenet module which is part of the ecommerce package. Credit card information was being stored in a system log file. The system should not be saving this information. Versions affected Please check t...