Lucene search
K

120 matches found

NVD
NVD
added 2026/06/15 9:16 p.m.6 views

CVE-2026-42752

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.6 views

CVE-2026-42752 WordPress Stripe Payments plugin <= 2.0.98 - Bypass Vulnerability vulnerability

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS5.2AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.28 views

CVE-2026-42752 WordPress Stripe Payments plugin <= 2.0.98 - Bypass Vulnerability vulnerability

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS0.00222EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.16 views

CVE-2026-42752

The CVE-2026-42752 entry concerns the WordPress Stripe Payments plugin (versions up to 2.0.98). It describes an unauthenticated bypass vulnerability in Stripe Payments

6.5CVSS5.2AI score0.00222EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:18 p.m.8 views

EUVD-2026-36838

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS5.2AI score0.00222EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49464

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS5.2AI score0.00222EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 2:16 a.m.12 views

CVE-2021-47983

WordPress Plugin Stripe Payments 2.0.39 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the AcceptStripePayments-settingscurrencycode parameter. Attackers can submit POST requests to /wp-admin/options.php with script...

6.4CVSS0.00187EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/08 1:55 a.m.48 views

CVE-2021-47983 WordPress Plugin Stripe Payments 2.0.39 Stored XSS via currency_code

WordPress Plugin Stripe Payments 2.0.39 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the AcceptStripePayments-settingscurrencycode parameter. Attackers can submit POST requests to /wp-admin/options.php with script...

6.4CVSS0.00187EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/08 1:55 a.m.10 views

CVE-2021-47983 WordPress Plugin Stripe Payments 2.0.39 Stored XSS via currency_code

WordPress Plugin Stripe Payments 2.0.39 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the AcceptStripePayments-settingscurrencycode parameter. Attackers can submit POST requests to /wp-admin/options.php with script...

6.4CVSS5.6AI score0.00187EPSS
Exploits0References3
CVE
CVE
added 2026/06/08 1:55 a.m.26 views

CVE-2021-47983

The CVE-2021-47983 issue affects WordPress plugin Stripe Payments 2.0.39, which contains a stored cross-site scripting vulnerability in the AcceptStripePayments-settings[currency_code] parameter. An authenticated attacker can submit POST requests to /wp-admin/options.php with script payloads in c...

6.4CVSS5.6AI score0.00187EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/08 1:55 a.m.12 views

EUVD-2021-34849

WordPress Plugin Stripe Payments 2.0.39 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the AcceptStripePayments-settingscurrencycode parameter. Attackers can submit POST requests to /wp-admin/options.php with script...

6.4CVSS5.6AI score0.00187EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/08 1:55 a.m.7 views

CVE-2021-47983

WordPress Plugin Stripe Payments 2.0.39 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the AcceptStripePayments-settingscurrencycode parameter. Attackers can submit POST requests to /wp-admin/options.php with script...

6.4CVSS5.6AI score0.00187EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.15 views

PT-2026-47229

WordPress Plugin Stripe Payments 2.0.39 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the AcceptStripePayments-settingscurrency code parameter. Attackers can submit POST requests to /wp-admin/options.php with script...

6.4CVSS5.7AI score0.00187EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

WordPress plugin Stripe Payments 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.5AI score0.00187EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/29 4:49 p.m.14 views

WordPress Stripe Payments plugin <= 2.0.98 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by dodoh4t in WordPress Plugin Stripe Payments versions = 2.0.98...

6.5CVSS5.8AI score0.00222EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.11 views

PT-2026-44772

Name of the Vulnerable Software and Affected Versions Contact Form 7 – PayPal & Stripe Add-on versions prior to 2.5.0 Description The plugin is subject to a payment bypass due to insufficient verification of data authenticity. While the cf7pp paypal ipn handler function validates IPN authenticity...

5.3CVSS5.2AI score0.00204EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/04/01 5:3 p.m.2 views

CVE-2026-34210

mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new...

8.1CVSS5.8AI score0.00494EPSS
Exploits0References1
NVD
NVD
added 2026/03/31 3:16 p.m.4 views

CVE-2026-34210

mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new...

8.1CVSS0.00494EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.9 views

PT-2026-23388

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in loopus WP Attractive Donations System - Easy Stripe & Paypal donations WP AttractiveDonationsSystem allows Blind SQL Injection.This issue affects WP Attractive Donations System - Easy Stripe & Payp...

6AI score0.00241EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/02/26 10:52 a.m.9 views

WordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin <= 1.25 - SQL Injection vulnerability

WordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin = 1.25 - SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Attractive Donations System - Easy Stripe & Paypal donations versions = 1.25...

9.3CVSS6AI score0.00241EPSS
Exploits0Affected Software1
Rows per page
Query Builder