EUVD-2024-31328

Malicious code in bioql PyPI...

EUVD-2023-12354

Malicious code in bioql PyPI...

CVE-2023-0275

The Easy Accept Payments for PayPal WordPress plugin before 4.9.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

CVE-2024-33591

Missing Authorization vulnerability in Tips and Tricks HQ Easy Accept Payments.This issue affects Easy Accept Payments: from n/a through 4.9.10...

CVE-2024-33591

Missing Authorization vulnerability in Tips and Tricks HQ Easy Accept Payments.This issue affects Easy Accept Payments: from n/a through 4.9.10...

CVE-2024-33591

CVE-2024-33591 is a Missing Authorization vulnerability in the WordPress plugin “Easy Accept Payments” (Tips and Tricks HQ). The vulnerability affects “Easy Accept Payments: from n/a through 4.9.10.” The CVE entry lists a CVSS v3.1 base score of 7.5 (High) with network attack vector, low attack c...

CVE-2024-33591 WordPress Easy Accept Payments for PayPal plugin <= 4.9.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tips and Tricks HQ Easy Accept Payments.This issue affects Easy Accept Payments: from n/a through 4.9.10...

CVE-2024-33591 WordPress Easy Accept Payments for PayPal plugin <= 4.9.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tips and Tricks HQ Easy Accept Payments.This issue affects Easy Accept Payments: from n/a through 4.9.10...

PT-2024-25360 · Unknown · Tips/Tricks Hq Easy Accept Payments

Name of the Vulnerable Software and Affected Versions: Tips and Tricks HQ Easy Accept Payments versions 4.9.10 and earlier Description: The issue is related to a Missing Authorization vulnerability in Tips and Tricks HQ Easy Accept Payments. Recommendations: For versions 4.9.10 and earlier, updat...

WordPress Easy Accept Payments for PayPal plugin <= 4.9.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Easy Accept Payments versions = 4.9.10...

WordPress Easy Accept Payments Plugin <= 4.9.10 is vulnerable to Broken Access Control

Software Easy Accept Payments Type Plugin Vulnerable versions = 4.9.10 Fixed in 5.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33591 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID dc8baebcdbf1 Credits Joshua Chan Required...

CVE-2023-32128

CVE-2023-32128 relates to a SQL Injection in the WordPress plugin “Cryptocurrency Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free” (Adastra Crypto). Affected versions are ≤ 2.2.7; patched in 2.2.8. Multiple sources (Patchstack, Red Hat entry, CVE listing) confirm the...

CVE-2023-32128 WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations Plugin <= 2.2.7 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in a...

Cross site scripting

The Easy Accept Payments for PayPal WordPress plugin before 4.9.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

CVE-2023-0275 Easy Accept Payments for PayPal < 4.9.10 - Contributor+ Stored XSS

The Easy Accept Payments for PayPal WordPress plugin before 4.9.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

WordPress plugin Easy Accept Payments for PayPal 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

WordPress Easy Accept Payments Plugin < 4.9.10 is vulnerable to Cross Site Scripting (XSS)

Software Easy Accept Payments Type Plugin Vulnerable versions 4.9.10 Fixed in 4.9.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0275 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 334f1469f03f Credits Lana Codes...