2 matches found
CVE-2026-2428
The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.1.17. This is due to the PayPal IPN Instant Payment Notification verification being disabled by default disableipnverification defaults to...
Malicious code in bg-core-payments-automation (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7f31e4b1f7d92e4d7eb25476cf6041e8360ea7a50a002ab1311b3629f34c0f8 Any computer that has this package installed or running should be considered...