7 matches found
EUVD-2024-28447
Malicious code in bioql PyPI...
CVE-2024-30527
Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express Checkout Accept PayPal Payments allows Manipulating Hidden Fields.This issue affects WP Express Checkout Accept PayPal Payments: from n/a through 2.3.7...
CVE-2024-30527
Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express Checkout Accept PayPal Payments allows Manipulating Hidden Fields.This issue affects WP Express Checkout Accept PayPal Payments: from n/a through 2.3.7...
WP Express Checkout (Accept PayPal Payments) < 2.3.8 - Unauthenticated Price Manipulation
Description The WP Express Checkout Accept PayPal Payments plugin for WordPress is vulnerable to price manipulation in all versions up to, and including, 2.3.7. This is due to insufficient validation on the pricing data being passed to the server. This makes it possible for unauthenticated...
WordPress WP Express Checkout plugin <= 2.3.7 - Price Manipulation vulnerability
Price Manipulation vulnerability discovered by Xinzhi Luo Patchstack Alliance in WordPress Plugin WP Express Checkout Accept PayPal Payments versions = 2.3.7...
CVE-2023-1469
The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘peccouponcode’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator-lev...
CVE-2023-1469
CVE-2023-1469 affects the WordPress WP Express Checkout plugin. Vulnerability: stored cross-site scripting via pec_coupon[code] in versions up to 2.2.8 caused by insufficient input sanitization and output escaping. Impact: authenticated attackers with administrator-level access can inject web scr...