15 matches found

Cvelist
added 2026/06/25 2:8 p.m. · 30 views

CVE-2026-57536 Insufficient validation of payment status in pretix-mollie

Our payment integration with Mollie did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one payment...

6.3 CVSS · 0.00257 EPSS
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2022-51421

Malicious code in bioql PyPI...

4.8 CVSS · 5.2 AI score · 0.0047 EPSS
Exploits 2 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2023-59669

Malicious code in bioql PyPI...

5.4 CVSS · 6.6 AI score · 0.00275 EPSS
Exploits 0 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2023-59674

Malicious code in bioql PyPI...

7.1 CVSS · 6.6 AI score · 0.00327 EPSS
Exploits 0 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2024-22461

Malicious code in bioql PyPI...

6.5 CVSS · 7.2 AI score · 0.00419 EPSS
Exploits 0 · References 1

OSV
added 2024/10/16 7:15 a.m. · 5 views

CVE-2023-7294

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the createmollieprofile function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-leve...

6.5 CVSS · 5.8 AI score · 0.00327 EPSS
Exploits 0 · References 2

NVD
added 2024/10/16 7:15 a.m. · 25 views

CVE-2023-7294

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the createmollieprofile function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-leve...

7.1 CVSS · 0.00327 EPSS
Exploits 0 · References 2

Cvelist
added 2024/10/16 6:43 a.m. · 20 views

CVE-2023-7292 Paytium: Mollie payment forms & donations <= 4.3.7 - Missing Authorization in 'paytium_notice_dismiss'

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized notification dismissal due to a missing capability check on the paytiumnoticedismiss function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with...

4.3 CVSS · 0.00272 EPSS
Exploits 0 · References 2

CVE
added 2024/10/16 6:43 a.m. · 59 views

CVE-2023-7291

The Paytium: Mollie payment forms & donations WordPress plugin (up to 4.3.7) is vulnerable due to a missing capability check in create_mollie_account, allowing authenticated subscribers to remotely set up a Mollie account and modify data. Impact is high (data integrity risk; potential confidentia...

8.1 CVSS · 6.8 AI score · 0.00354 EPSS
Exploits 0 · References 2 · Affected Software 1

CVE
added 2024/10/16 6:43 a.m. · 48 views

CVE-2023-7287

The CVE-2023-7287 entry concerns the WordPress Paytium: Mollie payment forms & donations plugin (versions up to and including 4.3.7). The root cause is a missing capability check in the pt_cancel_subscription function, allowing authenticated users with subscriber-level access to cancel subscripti...

5.4 CVSS · 5.1 AI score · 0.00304 EPSS
Exploits 0 · References 2 · Affected Software 1

VulnCheck KEV
added 2024/10/16 12:0 a.m. · 5 views

VulnCheck KEV: CVE-2023-7289

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized API key update due to a missing capability check on the paytiumswsaveapikeys function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with...

5.4 CVSS · 5.8 AI score · 0.00275 EPSS
Exploits 0 · References 1

Positive Technologies
added 2024/10/15 12:0 a.m. · 6 views

PT-2024-15271 · WordPress · The Paytium: Mollie Payment Forms & Donations

Name of the Vulnerable Software and Affected Versions: The Paytium: Mollie payment forms & donations plugin for WordPress versions up to, and including, 4.3.7. Description: The issue is related to unauthorized access of data due to a missing capability check on the check for verified profiles...

4.3 CVSS · 6.9 AI score · 0.00242 EPSS
Exploits 0 · References 6

NVD
added 2024/03/13 4:15 p.m. · 22 views

CVE-2024-25099

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David de Boer Paytium: Mollie payment forms & donations allows Stored XSS. This issue affects Paytium: Mollie payment forms & donations: from n/a through 4.4.2...

6.5 CVSS · 6.4 AI score · 0.00419 EPSS
Exploits 0 · References 1

Prion
added 2024/03/13 4:15 p.m. · 18 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David de Boer Paytium: Mollie payment forms & donations allows Stored XSS. This issue affects Paytium: Mollie payment forms & donations: from n/a through 4.4.2...

6 CVSS · 6.9 AI score · 0.00419 EPSS
Exploits 0 · References 1

wpexploit
added 2021/01/22 12:0 a.m. · 99 views

Doneren met Mollie < 2.8.5 - Unauthorised CSV Export leading to Sensitive Data Disclosure

The plugin did not check for user capability in the dmmexportdonations function, allowing any authenticated user to export a CSV file containing all donors' personal information. GET /wp-admin/admin-post.php?action=dmmexport...

2.5 AI score
Exploits 0 · References 2