CVE-2025-14971

The Link Invoice Payment for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createPartialPayment and cancelPartialPayment functions in all versions up to, and including, 2.8.0. This makes it possible for unauthenticated...

CVE-2025-14971 Link Invoice Payment for WooCommerce <= 2.8.0 - Missing Authorization to Unauthenticated Arbitrary Partial Payment Creation/Cancellation

The Link Invoice Payment for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createPartialPayment and cancelPartialPayment functions in all versions up to, and including, 2.8.0. This makes it possible for unauthenticated...

WordPress Link Invoice Payment for WooCommerce plugin <= 2.8.0 - Missing Authorization to Unauthenticated Arbitrary Partial Payment Creation/Cancellation vulnerability

Missing Authorization to Unauthenticated Arbitrary Partial Payment Creation/Cancellation vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Invoice Payment for WooCommerce versions = 2.8.0...

WordPress plugin “Link Invoice Payment for WooCommerce” has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

EUVD-2024-52451

Malicious code in bioql PyPI...

CVE-2024-54328

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in linknacional Invoice Payment for WooCommerce invoice-payment-for-woocommerce allows Reflected XSS.This issue affects Invoice Payment for WooCommerce: from n/a through = 1.7.2...

CVE-2024-54328

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in linknacional Invoice Payment for WooCommerce invoice-payment-for-woocommerce allows Reflected XSS.This issue affects Invoice Payment for WooCommerce: from n/a through = 1.7.2...

CVE-2024-54328

CVE-2024-54328 (Invoice Payment for WooCommerce) is a Reflected XSS vulnerability in the WordPress plugin Invoice Payment for WooCommerce. Public details in connected sources confirm the issue arises from improper input neutralization during web page generation and affects versions up to 1.7.2. T...

CVE-2024-54328 WordPress Invoice Payment for WooCommerce plugin <= 1.7.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in linknacional Invoice Payment for WooCommerce invoice-payment-for-woocommerce allows Reflected XSS.This issue affects Invoice Payment for WooCommerce: from n/a through = 1.7.2...

CVE-2024-54328 WordPress Invoice Payment for WooCommerce plugin <= 1.7.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in linknacional Invoice Payment for WooCommerce invoice-payment-for-woocommerce allows Reflected XSS.This issue affects Invoice Payment for WooCommerce: from n/a through = 1.7.2...

PT-2024-36211 · Woocommerce · Link Nacional Invoice Payment For Woocommerce

Name of the Vulnerable Software and Affected Versions: Link Nacional Invoice Payment for WooCommerce versions 1.7.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS...

WordPress plugin Invoice Payment for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress Invoice Payment for WooCommerce plugin <= 1.7.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin Invoice Payment for WooCommerce versions = 1.7.2...

Threat Outbreak Alert RuleID23029: Email Messages Distributing Malicious Software on May 21, 2016

Medium Alert ID: 46329 First Published: 2016 May 23 14:09 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID23029 may contain the following files: Name | Size...

Threat Outbreak Alert RuleID21786: Email Messages Distributing Malicious Software on March 18, 2016

Medium Alert ID: 44202 First Published: 2016 March 18 21:45 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID21786 may contain the following files: Name | Si...

TheHostingTool 1.2.6 SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: TheHostingTool 1.2.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: https://thehostingtool.com/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 09/07/2015 Disclosed to public:...

Threat Outbreak Alert RuleID17959: Email Messages Distributing Malicious Software on September 12, 2015

Medium Alert ID: 40984 First Published: 2015 September 14 13:53 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17959 may contain the following files: Name ...

Threat Outbreak Alert RuleID12135: Email Messages Distributing Malicious Software on November 10, 2014

Medium Alert ID: 36310 First Published: 2014 November 4 14:29 GMT Last Updated: 2014 November 11 13:57 GMT Version: 3 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID12135...

Threat Outbreak Alert: Fake Invoice Payment Notice Email Messages on May 27, 2014

Medium Alert ID: 34355 First Published: 2014 May 27 13:33 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment slip notification for the recipient. The text in the email message attempts to convince the recipient to...

Threat Outbreak Alert: Fake Invoice Payment Request Email Messages on April 30, 2014

Medium Alert ID: 34006 First Published: 2014 April 30 18:05 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an invoice payment request for the recipient. The text in the email message attempts to convince the recipient t...