85 matches found
EUVD-2025-35924
The Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions plugin for WordPress is vulnerable to SQL Injection via the 'wpfs-form-name' parameter in all versions up to, and including, 8.3.1 due to insufficient escaping on the user supplied parameter and lack ...
CVE-2025-9322 Stripe Payment Forms <= 8.3.1 - Unauthenticated SQL Injection
The Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions plugin for WordPress is vulnerable to SQL Injection via the 'wpfs-form-name' parameter in all versions up to, and including, 8.3.1 due to insufficient escaping on the user supplied parameter and lack ...
CVE-2025-9322
CVE-2025-9322 : WordPress plugin Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions (up to and including 8.3.1) is vulnerable to unauthenticated SQL Injection via the wpfs-form-name parameter. The issue arises from insufficient escaping of the user-suppli...
PT-2025-43728
Name of the Vulnerable Software and Affected Versions Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions plugin for WordPress versions up to and including 8.3.1 Description The Stripe Payment Forms plugin for WordPress is susceptible to SQL Injection due ...
EUVD-2024-22461
Malicious code in bioql PyPI...
EUVD-2024-30311
Malicious code in bioql PyPI...
EUVD-2024-29951
Malicious code in bioql PyPI...
EUVD-2025-8462
Malicious code in bioql PyPI...
EUVD-2024-28409
Malicious code in bioql PyPI...
CVE-2024-32130
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paystack Payment Forms for Paystack allows Stored XSS.This issue affects Payment Forms for Paystack: from n/a through 3.4.1...
CVE-2024-32509
Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.76...
Sophisticated & Stealthy Formjacking Malware Targets E-Commerce Checkout Pages
📢In case you missed it, Wordfence just published itsannual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. The Wordfence Threat Intelligence team recently uncovered a sophisticate...
WordPress plugin Payment Forms for Paystack 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress Payment Forms for Paystack plugin <= 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Payment Forms for Paystack versions = 4.0.2...
CVE-2025-22652
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kendysond Payment Forms for Paystack payment-forms-for-paystack allows SQL Injection.This issue affects Payment Forms for Paystack: from n/a through = 4.0.1...
CVE-2025-22652
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kendysond Payment Forms for Paystack payment-forms-for-paystack allows SQL Injection.This issue affects Payment Forms for Paystack: from n/a through = 4.0.1...
CVE-2025-22652 WordPress Payment Forms for Paystack plugin <= 4.0.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kendysond Payment Forms for Paystack payment-forms-for-paystack allows SQL Injection.This issue affects Payment Forms for Paystack: from n/a through = 4.0.1...
CVE-2025-22652
CVE-2025-22652 is a SQL Injection vulnerability in the WordPress plugin Payment Forms for Paystack (vulnerable up to and including 4.0.1). The root cause, as detailed in the exploit repo, is unsafely inserting a URL parameter (order) directly into an SQL query without input validation/escaping in...
CVE-2025-22652 WordPress Payment Forms for Paystack plugin <= 4.0.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kendysond Payment Forms for Paystack allows SQL Injection.This issue affects Payment Forms for Paystack: from n/a through 4.0.1...
Exploit for CVE-2025-22652
CVE-2025-22652 1️⃣ Component type WordPress plugin 2️...