Lucene search
K

85 matches found

Vulnrichment
Vulnrichment
added 2024/11/01 2:17 p.m.12 views

CVE-2024-43973 WordPress Payment forms, Buy now buttons and Invoicing System plugin <= 2.8.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in AyeCode Ltd GetPaid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through 2.8.11...

4.3CVSS6.9AI score0.00464EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/01 2:17 p.m.22 views

CVE-2024-43973 WordPress GetPaid plugin <= 2.8.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in Stiofan GetPaid invoicing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through = 2.8.11...

4.3CVSS0.00464EPSS
Exploits0References1
OSV
OSV
added 2024/10/16 7:15 a.m.5 views

CVE-2023-7294

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the createmollieprofile function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-leve...

6.5CVSS5.8AI score0.00327EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/16 6:43 a.m.19 views

CVE-2023-7292 Paytium: Mollie payment forms & donations <= 4.3.7 - Missing Authorization in 'paytium_notice_dismiss'

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized notification dismissal due to a missing capability check on the paytiumnoticedismiss function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with...

4.3CVSS6.7AI score0.00272EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/16 6:43 a.m.30 views

CVE-2023-7290 Paytium: Mollie payment forms & donations <= 4.3.7 - Missing Authorization in 'check_for_verified_profiles'

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the checkforverifiedprofiles function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with...

4.3CVSS0.00242EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/16 6:43 a.m.18 views

CVE-2023-7289 Paytium: Mollie payment forms & donations <= 4.3.7 - Missing Authorization in 'paytium_sw_save_api_keys'

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized API key update due to a missing capability check on the paytiumswsaveapikeys function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-level...

5.4CVSS6.7AI score0.00275EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2024/10/16 12:0 a.m.6 views

VulnCheck KEV: CVE-2023-7289

The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized API key update due to a missing capability check on the paytiumswsaveapikeys function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with...

5.4CVSS5.8AI score0.00275EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.7 views

PT-2024-15271 · WordPress · The Paytium: Mollie Payment Forms & Donations

Name of the Vulnerable Software and Affected Versions: The Paytium: Mollie payment forms & donations plugin for WordPress versions up to, and including, 4.3.7 Description: The issue is related to unauthorized access of data due to a missing capability check on the check for verified profiles...

4.3CVSS6.9AI score0.00242EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/08/28 9:8 a.m.6 views

WordPress GetPaid plugin <= 2.8.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Muhammad Daffa in WordPress Plugin GetPaid versions = 2.8.11...

8.8CVSS5.2AI score0.00464EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/04/17 10:15 a.m.33 views

CVE-2024-32510

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Loopus WP Cost Estimation & Payment Forms Builder allows Reflected XSS.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.75...

7.1CVSS6.9AI score0.00354EPSS
Exploits0References1
NVD
NVD
added 2024/04/17 10:15 a.m.49 views

CVE-2024-32130

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paystack Payment Forms for Paystack allows Stored XSS.This issue affects Payment Forms for Paystack: from n/a through 3.4.1...

6.5CVSS6.5AI score0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/17 9:59 a.m.54 views

CVE-2024-32130 WordPress Payment Forms for Paystack plugin <= 3.4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paystack Payment Forms for Paystack allows Stored XSS.This issue affects Payment Forms for Paystack: from n/a through 3.4.1...

6.5CVSS6.7AI score0.00291EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/17 9:59 a.m.29 views

CVE-2024-32130 WordPress Payment Forms for Paystack plugin <= 3.4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paystack Payment Forms for Paystack allows Stored XSS.This issue affects Payment Forms for Paystack: from n/a through 3.4.1...

6.5CVSS6.8AI score0.00291EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/17 9:50 a.m.18 views

CVE-2024-32510 WordPress WP Cost Estimation & Payment Forms Builder plugin <= 10.1.75 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Loopus WP Cost Estimation & Payment Forms Builder allows Reflected XSS.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.75...

7.1CVSS6.9AI score0.00354EPSS
Exploits0References1
NVD
NVD
added 2024/04/17 8:15 a.m.21 views

CVE-2024-32509

Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.76...

6.5CVSS6.5AI score0.00437EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/17 7:43 a.m.13 views

CVE-2024-32509 WordPress WP Cost Estimation & Payment Forms Builder plugin <= 10.1.76 - Broken Access Control vulnerability

Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.76...

6.5CVSS7.2AI score0.00437EPSS
Exploits0References1
CVE
CVE
added 2024/04/17 7:43 a.m.68 views

CVE-2024-32509

Technical details about CVE-2024-32509 (WP Cost Estimation & Payment Forms Builder) are not publicly provided in the supplied documents. Monitor for updates.

6.5CVSS5.2AI score0.00437EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/17 7:43 a.m.29 views

CVE-2024-32509 WordPress WP Cost Estimation & Payment Forms Builder plugin <= 10.1.76 - Broken Access Control vulnerability

Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.76...

6.5CVSS6.7AI score0.00437EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.7 views

PT-2024-24626 · WordPress · Loopus Wp Cost Estimation & Payment Forms Builder

Name of the Vulnerable Software and Affected Versions: Loopus WP Cost Estimation & Payment Forms Builder versions through 10.1.76 Description: The issue is related to a Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder. Recommendations: For versions through...

6.5CVSS6.4AI score0.00437EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.10 views

PT-2024-24425 · Paystack · Payment Forms For Paystack

Name of the Vulnerable Software and Affected Versions: Paystack Payment Forms for Paystack versions 3.4.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS, where an attacker...

6.5CVSS5.8AI score0.00291EPSS
Exploits0References3
Rows per page
Query Builder