Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-42341

FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have an unauthenticated payment bypass vulnerability in FOSSBilling's IPN callback endpoint. When the Custom payment adapter is enabled, an attacker can mark any unpaid invoice as paid and credit...

9.2CVSS6AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/26 8:28 a.m.7 views

WordPress User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin <= 5.2.0 - Missing Authorization to Unauthenticated Payment Bypass vulnerability

Missing Authorization to Unauthenticated Payment Bypass vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin User Registration versions = 5.2.0...

6.5CVSS5.8AI score0.0018EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/02/18 10:20 a.m.20 views

CVE-2025-14444

CVE-2025-14444 – RegistrationMagic for WordPress has a payment bypass vulnerability in the process_paypal_sdk_payment path. The issue arises from trusting client-supplied payment data without validating that PayPal payment actually completed, enabling unauthenticated users to activate registratio...

5.3CVSS5.7AI score0.00216EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/16 8:38 a.m.28 views

CVE-2025-14757 Cost Calculator Builder <= 3.6.9 - Missing Authorization to Unauthenticated Payment Status Bypass

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9 only when used in combination with Cost Calculator Builder PRO. This is due to the completepayment AJAX action being registered via wpajaxnopriv,...

5.3CVSS0.00327EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/11/27 9:41 a.m.6 views

WordPress SKT PayPal for WooCommerce plugin <= 1.4 - Unauthenticated Payment Bypass vulnerability

Unauthenticated Payment Bypass vulnerability discovered by ch4r0n - FPT Software in WordPress Plugin SKT PayPal for WooCommerce versions = 1.4...

7.5CVSS7AI score0.00284EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/06/04 5:32 a.m.48 views

CVE-2024-2382 Authorize.net Payment Gateway For WooCommerce <= 8.0 - Insufficient Verification of Data Authenticity to Unauthenticated Payment Bypass

The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates a orders payment status. This makes it possible for...

5.3CVSS5.2AI score0.00206EPSS
Exploits0References2
Rows per page
Query Builder