5 matches found
EUVD-2026-19878
WWBN AVideo Affected by a PayPal IPN Replay Attack Enabling Wallet Balance Inflation via Missing Transaction Deduplication in ipn.php...
CVE-2026-39366
CVE-2026-39366 affects WWBN AVideo prior to or including version 26.0. The PayPal IPN v1 handler at plugin/PayPalYPT/ipn.php does not perform transaction deduplication, enabling an attacker to replay a single legitimate IPN notification to repeatedly inflate wallet balances and renew subscription...
CVE-2026-2428
The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.1.17. This is due to the PayPal IPN Instant Payment Notification verification being disabled by default disableipnverification defaults to...
CVE-2025-13384
The WordPress plugin CP Contact Form with PayPal (
Linux Distros Unpatched Vulnerability : CVE-2018-1081
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions. Unauthenticated users can trigger custom...