19 matches found
EUVD-2024-30373
Malicious code in bioql PyPI...
CVE-2024-32571
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in naa986 WP Stripe Checkout allows Stored XSS.This issue affects WP Stripe Checkout: from n/a through 1.2.2.41...
CVE-2022-3986
The WP Stripe Checkout WordPress plugin before 1.2.2.21 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2024-32571
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in naa986 WP Stripe Checkout allows Stored XSS.This issue affects WP Stripe Checkout: from n/a through 1.2.2.41...
CVE-2024-32571 WordPress WP Stripe Checkout plugin <= 1.2.2.41 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in naa986 WP Stripe Checkout allows Stored XSS.This issue affects WP Stripe Checkout: from n/a through 1.2.2.41...
CVE-2024-32571
CVE-2024-32571 : Stored XSS in WP Stripe Checkout (naa986) via input during web page generation, affecting WP Stripe Checkout versions up to 1.2.2.41. Connected sources confirm the issue as improper neutralization of input in the shortcode context, enabling stored cross-site scripting. Red Hat an...
CVE-2023-52143
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe Checkout.This issue affects WP Stripe Checkout: from n/a through 1.2.2.37...
CVE-2023-52143
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe Checkout.This issue affects WP Stripe Checkout: from n/a through 1.2.2.37...
Code injection
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe Checkout.This issue affects WP Stripe Checkout: from n/a through 1.2.2.37...
CVE-2023-52143
CVE-2023-52143 concerns WP Stripe Checkout (WP Stripe Checkout plugin) where a Sensitive Information Exposure via Debug Log vulnerability affects versions 1.2.2.37 and earlier. The issue is that logs may reveal sensitive data to unauthorized actors. CVSS 3.1 base score 7.5 (HIGH). The connected t...
CVE-2023-52143 WordPress WP Stripe Checkout Plugin <= 1.2.2.37 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe Checkout.This issue affects WP Stripe Checkout: from n/a through 1.2.2.37...
CVE-2023-52143 WordPress WP Stripe Checkout Plugin <= 1.2.2.37 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe Checkout.This issue affects WP Stripe Checkout: from n/a through 1.2.2.37...
CVE-2022-3986
The WP Stripe Checkout WordPress plugin before 1.2.2.21 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2022-3986
The WP Stripe Checkout WordPress plugin before 1.2.2.21 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2022-3986 WP Stripe Checkout < 1.2.2.21 - Contributor+ Stored XSS
The WP Stripe Checkout WordPress plugin before 1.2.2.21 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2022-3986
The WP Stripe Checkout WordPress plugin (versions before 1.2.2.21) does not validate or escape some shortcode attributes before output, enabling Stored XSS for users with as low as Contributor. A public exploit example is documented in WPEXploit demonstrating a crafted shortcode that triggers XSS...
WordPress plugin WP Stripe Checkout 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WP Stripe Checkout < 1.2.2.21 - Contributor+ Stored XSS
The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks PoC As a contributor, put the following shortcode in a page/post...
WordPress WP Stripe Checkout plugin <= 1.2.2.20 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Lana Codes in WordPress WP Stripe Checkout plugin versions = 1.2.2.20. Solution Update the WordPress WP Stripe Checkout plugin to the latest available version at least 1.2.2.21...