Lucene search
K

632 matches found

Nuclei
Nuclei
added 13 hours ago38 views

Payment Gateway for Telcell < 2.0.4 - Open Redirect

The plugin does not validate the apiurl parameter before redirecting the user to its value, leading to an Open Redirect issue id: CVE-2023-6786 info: name: Payment Gateway for Telcell 2.0.4 - Open Redirect author: s4e-io severity: medium description: | The plugin does not validate the apiurl...

6.1CVSS5.9AI score0.00464EPSS
Exploits2References2
CVE
CVE
added 4 days ago14 views

CVE-2026-57677

The CVE concerns the WordPress Novalnet Payment Gateway for WooCommerce plugin, affected versions

9.8CVSS5.8AI score0.00336EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-40902

The Custom Payment Gateways for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'algwccpginputfields' parameter in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

7.2CVSS5.9AI score0.00247EPSS
Exploits0References8
Patchstack
Patchstack
added 2026/06/29 1:23 p.m.5 views

WordPress Novalnet Payment Gateway for WooCommerce plugin <= 12.10.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by qdtad in WordPress Plugin Novalnet Payment Gateway for WooCommerce versions = 12.10.3...

9.8CVSS5.8AI score0.00336EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-57635

Unauthenticated Cross Site Request Forgery CSRF in FunnelKit Payment Gateway for Stripe WooCommerce = 1.14.0.3 versions...

6.5CVSS0.00123EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.36 views

CVE-2026-56048 WordPress Payment Gateway Based Fees and Discounts for WooCommerce plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Payment Gateway Based Fees and Discounts for WooCommerce = 3.0.0 versions...

6.5CVSS0.00242EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.10 views

CVE-2026-56048

Summary: CVE-2026-56048 concerns the WordPress plugin “Payment Gateway Based Fees and Discounts for WooCommerce” (versions ≤ 3.0.0). The vulnerability is described as an unauthenticated insecure direct object reference (IDOR). The connected documents confirm the affected product and root cause (I...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.7 views

EUVD-2026-39692

Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway = 2.7.4 versions...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 2:16 p.m.6 views

CVE-2026-56023

Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce = 1.6.2 versions...

5.4CVSS0.00203EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.4 views

EUVD-2026-39378

Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce = 1.6.2 versions...

5.4CVSS5.9AI score0.00203EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:12 p.m.6 views

CVE-2026-56023

Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce = 1.6.2 versions...

5.4CVSS5.9AI score0.00203EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/19 9:10 a.m.4 views

WordPress UPI QR Code Payment Gateway for WooCommerce plugin <= 1.6.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by ParkHyunWoo in WordPress Plugin UPI QR Code Payment Gateway for WooCommerce versions = 1.6.2...

5.4CVSS5.9AI score0.00203EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/06/16 9:31 a.m.52 views

CVE-2026-2381

The CVE concerns the WooCommerce Stripe Payment Gateway plugin for WordPress, affected in all versions up to 10.7.0. Root cause: missing capability check and missing order ownership/order_key verification in the wc_stripe_pay_for_order WC‑AJAX endpoint, with only a nonce validation. Impact: unaut...

6.5CVSS5.3AI score0.00267EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/15 9:30 p.m.6 views

EUVD-2026-36918

Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce = 2.2.5 versions...

7.5CVSS5.2AI score0.00303EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:17 p.m.13 views

CVE-2026-49066

Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway = 6.0.0 versions...

7.5CVSS0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.25 views

CVE-2026-49066 WordPress Conekta Payment Gateway plugin <= 6.0.0 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway = 6.0.0 versions...

7.5CVSS0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.5 views

EUVD-2026-36873

Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway = 6.0.0 versions...

7.5CVSS5.2AI score0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:19 p.m.6 views

CVE-2026-49066 WordPress Conekta Payment Gateway plugin <= 6.0.0 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway = 6.0.0 versions...

7.5CVSS5.2AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:17 p.m.10 views

CVE-2026-34891

CVE-2026-34891 concerns the WordPress IDPay Payment Gateway for WooCommerce plugin (

7.5CVSS5.2AI score0.00303EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49503

Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway = 6.0.0 versions...

7.5CVSS5.2AI score0.00294EPSS
Exploits0References2
Rows per page
Query Builder