Lucene search
K

70 matches found

NVD
NVD
added yesterday3 views

CVE-2026-57424

Missing Authorization vulnerability in knitpay Razorpay Payment Links for WooCommerce rzp-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay Payment Links for WooCommerce: from n/a through = 2.1.4...

6.5CVSS0.00332EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday28 views

CVE-2026-57424 WordPress Razorpay Payment Links for WooCommerce plugin <= 2.1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in knitpay Razorpay Payment Links for WooCommerce rzp-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay Payment Links for WooCommerce: from n/a through = 2.1.4...

6.5CVSS0.00332EPSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-57424

CVE-2026-57424 affects the WordPress plugin Razorpay Payment Links for WooCommerce (rzp-woocommerce). Multiple sources describe a Missing Authorization / Broken Access Control vulnerability in versions up to and including 2.1.4, allowing exploitation of improperly configured access control. Conne...

6.5CVSS6.1AI score0.00332EPSS
Exploits0References1
NVD
NVD
added 3 days ago6 views

CVE-2026-10865

The Cost Calculator Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.11 via the template body. This makes it possible for unauthenticated attackers to extract the plaintext Stripe secret key, Razorpay secret key, and PayPal...

5.3CVSS0.0037EPSS
Exploits0References10
EUVD
EUVD
added 3 days ago10 views

EUVD-2026-43152

The Cost Calculator Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.11 via the template body. This makes it possible for unauthenticated attackers to extract the plaintext Stripe secret key, Razorpay secret key, and PayPal...

5.3CVSS6.1AI score0.0037EPSS
Exploits0References10
CVE
CVE
added 3 days ago17 views

CVE-2026-10865

CVE-2026-10865 affects the Cost Calculator Builder plugin for WordPress. The vulnerability exists in all versions up to 4.0.11 and arises from exposure in the template body, allowing unauthenticated attackers to read plaintext payment gateway secrets (Stripe secret key, Razorpay secret key, and P...

5.3CVSS6.1AI score0.0037EPSS
Exploits0References10
Patchstack
Patchstack
added 6 days ago5 views

WordPress Razorpay Payment Links for WooCommerce plugin <= 2.1.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by dunvu0 in WordPress Plugin Razorpay Payment Links for WooCommerce versions = 2.1.4...

6.5CVSS6.1AI score0.00332EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/13 7:24 p.m.3 views

CVE-2026-39656

Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through = 4.8.2...

5.3CVSS5.8AI score0.00214EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 9:31 a.m.4 views

EUVD-2026-20322

Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through = 4.8.2...

5.9AI score0.00214EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.3 views

CVE-2026-39656

Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through = 4.8.2...

5.3CVSS0.00214EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.1 views

CVE-2026-39656 WordPress Razorpay for WooCommerce plugin <= 4.8.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through = 4.8.2...

5.8AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.24 views

CVE-2026-39656 WordPress Razorpay for WooCommerce plugin <= 4.8.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through = 4.8.2...

5.3CVSS0.00214EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39656

Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through = 4.8.2...

5.9AI score0.00214EPSS
Exploits0References2
CVE
CVE
added 2026/04/08 8:30 a.m.6 views

CVE-2026-39656

CVE-2026-39656 concerns the WordPress Razorpay for WooCommerce plugin, specifically versions up to and including 4.8.2. The vulnerability is described as a Missing Authorization vulnerability caused by incorrectly configured access control security levels, enabling an unauthorized exposure due to...

5.3CVSS5.9AI score0.00214EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

WordPress plugin Razorpay for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.3CVSS5.8AI score0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.5 views

PT-2026-31219

Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through = 4.8.2...

5.9AI score0.00214EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/20 7:22 a.m.14 views

CVE-2025-14294

The Razorpay for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getCouponList function in all versions up to, and including, 4.7.8. This is due to the checkAuthCredentials permission callback always returning true,...

5.3CVSS5.5AI score0.00353EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 7:17 a.m.6 views

CVE-2025-14294

The Razorpay for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getCouponList function in all versions up to, and including, 4.7.8. This is due to the checkAuthCredentials permission callback always returning true,...

5.3CVSS0.00353EPSS
Exploits0References5
CVE
CVE
added 2026/02/19 4:36 a.m.21 views

CVE-2025-14294

CVE-2025-14294 : Razorpay for WooCommerce (WordPress) is vulnerable to unauthorized modification of order data due to a broken authentication check in getCouponList() caused by checkAuthCredentials() always returning true. This permits unauthenticated attackers to modify billing/shipping contact ...

5.3CVSS5.6AI score0.00353EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/02/19 4:36 a.m.3 views

CVE-2025-14294 Razorpay for WooCommerce <= 4.7.8 - Missing Authentication to Unauthenticated Order Modification

The Razorpay for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getCouponList function in all versions up to, and including, 4.7.8. This is due to the checkAuthCredentials permission callback always returning true,...

5.3CVSS5.6AI score0.00353EPSS
Exploits0References5
Rows per page
Query Builder