Lucene search
K

34 matches found

Vulnrichment
Vulnrichment
added 2024/07/19 6:0 a.m.28 views

CVE-2024-6205 PayPlus Payment Gateway < 6.6.9 - Unauthenticated SQLi

The PayPlus Payment Gateway WordPress plugin before 6.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement via a WooCommerce API route available to unauthenticated users, leading to an SQL injection vulnerability...

7.6AI score0.04168EPSS
Exploits4References1
NVD
NVD
added 2024/07/12 2:15 p.m.44 views

CVE-2024-37564

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PayPlus LTD PayPlus Payment Gateway.This issue affects PayPlus Payment Gateway: from n/a through 7.0.7...

8.5CVSS0.00395EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/12 1:24 p.m.15 views

CVE-2024-37564 WordPress PayPlus Payment Gateway plugin <= 7.0.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PayPlus LTD PayPlus Payment Gateway.This issue affects PayPlus Payment Gateway: from n/a through 7.0.7...

8.5CVSS7.7AI score0.00395EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/12 1:24 p.m.35 views

CVE-2024-37564 WordPress PayPlus Payment Gateway plugin <= 7.0.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PayPlus LTD PayPlus Payment Gateway.This issue affects PayPlus Payment Gateway: from n/a through 7.0.7...

8.5CVSS0.00395EPSS
Exploits0References1
CVE
CVE
added 2024/07/12 1:24 p.m.45 views

CVE-2024-37564

CVE-2024-37564 is an SQL injection in the PayPlus Payment Gateway WordPress plugin. The vulnerability affects PayPlus Payment Gateway versions up to and including 7.0.7 and requires authentication (Subscriber+). Wordfence documents label it as “Patched” for PayPlus, indicating a fix is available ...

8.5CVSS8.8AI score0.00395EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.4 views

WordPress plugin PayPlus Payment Gateway security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...

8.5CVSS7.4AI score0.00395EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/12 12:0 a.m.7 views

PT-2024-27663 · Unknown · Payplus Payment Gateway

Name of the Vulnerable Software and Affected Versions: PayPlus Payment Gateway versions 7.0.7 and earlier Description: The issue is related to an SQL Injection vulnerability due to the improper neutralization of special elements used in an SQL command. This allows for potential exploitation...

8.5CVSS7.6AI score0.00395EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/07/09 6:18 a.m.5 views

WordPress PayPlus Payment Gateway plugin <= 7.0.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin PayPlus Payment Gateway versions = 7.0.7...

8.5CVSS8.1AI score0.00395EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/09 12:0 a.m.9 views

WordPress PayPlus Payment Gateway Plugin <= 7.0.7 is vulnerable to SQL Injection

Software PayPlus Payment Gateway Type Plugin Vulnerable versions = 7.0.7 Fixed in 7.0.8 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-37564 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 282d31811f37 Credits LVT-tholv2k Required privilege Subscrib...

8.5CVSS6.8AI score0.00395EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/02 1:58 a.m.12 views

WordPress PayPlus Payment Gateway plugin <= 6.6.8 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Project Black in WordPress Plugin PayPlus Payment Gateway versions = 6.6.8...

9.8CVSS8.1AI score0.04168EPSS
Exploits4References2Affected Software1
Patchstack
Patchstack
added 2024/07/02 12:0 a.m.23 views

WordPress PayPlus Payment Gateway Plugin <= 6.6.8 is vulnerable to SQL Injection

Software PayPlus Payment Gateway Type Plugin Vulnerable versions = 6.6.8 Fixed in 6.6.9 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-6205 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 47e962c92ffc Credits Project Black Required privilege...

9.8CVSS6.7AI score0.04168EPSS
Exploits4References4Affected Software1
Patchstack
Patchstack
added 2024/07/01 11:51 a.m.3 views

WordPress PayPlus Payment Gateway plugin <= 6.6.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin PayPlus Payment Gateway versions = 6.6.8...

7.1CVSS6.1AI score0.00327EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.13 views

WordPress PayPlus Payment Gateway Plugin <= 6.6.8 is vulnerable to Cross Site Scripting (XSS)

Software PayPlus Payment Gateway Type Plugin Vulnerable versions = 6.6.8 Fixed in 6.6.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37459 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3897da93b46e Credits Le Ngoc Anh Required...

7.1CVSS6.6AI score0.00327EPSS
Exploits0References2Affected Software1
hackapp
hackapp
added 2016/04/04 9:48 p.m.17 views

PAYplus - Customized SSL, Runtime command execution, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application PAYplus published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
Rows per page
Query Builder