34 matches found
CVE-2026-12432
The CVE affects the WP Full Stripe Free plugin for WordPress, up to version 8.4.3. The vulnerability is in the wpfs_update_failed_payment_status AJAX action, where the handler is registered via wp_ajax_ and wp_ajax_nopriv_ hooks and the underlying update_failed_payment_status() function performs ...
EUVD-2026-39957
The WP Full Stripe Free plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 8.4.3 via the wpfsupdatefailedpaymentstatus AJAX action. The handler is registered through both wpajax and wpajaxnopriv hooks and the underlying updatefailedpaymentstatus function...
CVE-2026-42378
Subscriber Broken Authentication in WP Full Stripe Free = 8.4.1 versions...
EUVD-2026-36810
Subscriber Broken Authentication in WP Full Stripe Free = 8.4.1 versions...
CVE-2026-42378 WordPress WP Full Stripe Free plugin <= 8.4.1 - Broken Authentication vulnerability
Subscriber Broken Authentication in WP Full Stripe Free = 8.4.1 versions...
CVE-2026-42378
CVE-2026-42378 concerns the WordPress plugin WP Full Stripe Free (versions
PT-2026-49437
Subscriber Broken Authentication in WP Full Stripe Free = 8.4.1 versions...
WordPress WP Full Stripe Free plugin <= 8.4.1 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by hhhai in WordPress Plugin WP Full Stripe Free versions = 8.4.1...
WordPress Stripe Payment Forms plugin <= 8.3.1 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by mikemyers in WordPress Plugin WP Full Stripe Free versions = 8.3.1...
EUVD-2025-26988
Malicious code in bioql PyPI...
EUVD-2023-51766
Malicious code in bioql PyPI...
CVE-2025-58789
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeisle WP Full Stripe Free wp-full-stripe-free allows SQL Injection.This issue affects WP Full Stripe Free: from n/a through = 8.2.5...
CVE-2025-58789
CVE-2025-58789 describes an SQL Injection in the WordPress plugin WP Full Stripe Free (affected: versions up to 8.3.0; some sources cite until 8.2.5 and up to 8.3.0). The vulnerability arises from improper neutralization of special elements in SQL commands, enabling an attacker to potentially man...
CVE-2025-58789 WordPress WP Full Stripe Free Plugin <= 8.2.5 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeisle WP Full Stripe Free wp-full-stripe-free allows SQL Injection.This issue affects WP Full Stripe Free: from n/a through = 8.2.5...
CVE-2025-58789 WordPress WP Full Stripe Free Plugin <= 8.2.5 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeisle WP Full Stripe Free wp-full-stripe-free allows SQL Injection.This issue affects WP Full Stripe Free: from n/a through = 8.2.5...
WordPress WP Full Stripe Free Plugin <= 8.2.5 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by Que Thanh Tuan Blue Rock in WordPress Plugin WP Full Stripe Free versions = 8.2.5...
PT-2025-36129
Name of the Vulnerable Software and Affected Versions: WP Full Stripe Free versions through 8.3.0 Description: WP Full Stripe Free is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. Recommendations: Update WP Full Stripe Free to a versio...
WordPress plugin WP Full Stripe Free SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
CVE-2023-46088
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Mammothology WP Full Stripe Free plugin = 1.6.1 versions...
CVE-2023-47667
Cross-Site Request Forgery CSRF vulnerability in Mammothology WP Full Stripe Free.This issue affects WP Full Stripe Free: from n/a through 7.0.16...