18 matches found
EUVD-2025-19575
Malicious code in bioql PyPI...
EUVD-2024-51572
Malicious code in bioql PyPI...
CVE-2025-5937
The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the adminOptions function. This makes it...
CVE-2025-5937
The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the adminOptions function. This makes it...
CVE-2025-5937
CVE-2025-5937 affects the MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet WordPress plugin (
CVE-2025-5937 MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet <= 3.2.0 - Cross-Site Request Forgery to Settings Reset
The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the adminOptions function. This makes it...
CVE-2025-5937 MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet <= 3.2.0 - Cross-Site Request Forgery to Settings Reset
The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the adminOptions function. This makes it...
CVE-2024-13391
The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhispercontentuploadguest' shortcode in all versions up to, and including, 2.9.29 due to insufficient input...
WordPress MicroPayments plugin <= 2.9.29 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin MicroPayments versions = 2.9.29...
WordPress plugin MicroPayments 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
WordPress MicroPayments Paid Membership plugin <= 3.2.4 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin MicroPayments versions = 3.2.4...
CVE-2024-13391
The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhispercontentuploadguest' shortcode in all versions up to, and including, 2.9.29 due to insufficient input...
CVE-2024-13391 MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet <= 2.9.29 - Authenticated (Contributor+) Stored Cross-Site Scripting
The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhispercontentuploadguest' shortcode in all versions up to, and including, 2.9.29 due to insufficient input...
CVE-2024-13391 MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet <= 2.9.29 - Authenticated (Contributor+) Stored Cross-Site Scripting
The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhispercontentuploadguest' shortcode in all versions up to, and including, 2.9.29 due to insufficient input...
CVE-2024-13391
CVE-2024-13391 relates to a Stored Cross‑Site Scripting vulnerability in the WordPress plugin MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet . The flaw exists in the shortcode videowhisper_content_upload_guest and arises from insufficient input sanitization and o...
WordPress MicroPayments plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress MicroPayments plugin is vulnerable to cross-site request forgery, which stems from the fact...
WordPress Plugin "MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership" vulnerable to cross-site request forgery
Overview WordPress Plugin "MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership" provided by VideoWhisper contains a cross-site request forgery vulnerability CWE-352. Kosuke Sakai reported and coordinated with the developer to fix this vulnerability. After coordination was...
WordPress MicroPayments plugin <= 1.9.5 - Arbitrary Settings Update via Cross-Site Request Forgery (CSRF) vulnerability
Arbitrary Settings Update via Cross-Site Request Forgery CSRF vulnerability discovered by Kosuke Sakai in WordPress MicroPayments plugin versions = 1.9.5. Solution Update the WordPress MicroPayments plugin to the latest available version at least 1.9.6...