WordPress Accept Stripe Payments Using Contact Form 7 plugin <= 3.1 - Reflected Cross-Site Scripting via failure_message vulnerability

Reflected Cross-Site Scripting via failuremessage vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Accept Stripe Payments Using Contact Form 7 versions = 3.1...

CVE-2025-12834 Accept Stripe Payments Using Contact Form 7 <= 3.1 - Reflected Cross-Site Scripting via failure_message

The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'failuremessage' parameter in versions up to, and including, 3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

PT-2025-50810

The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'failure message' parameter in versions up to, and including, 3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

EUVD-2024-48290

Malicious code in bioql PyPI...

EUVD-2022-50184

Malicious code in bioql PyPI...

EUVD-2022-34477

Malicious code in bioql PyPI...

CVE-2025-53309

Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Stripe Payments Using Contact Form 7 accept-stripe-payments-using-contact-form-7 allows Retrieve Embedded Sensitive Data.This issue affects Accept Stripe Payments Using Contact Form 7: from n/a through = 3.0...

CVE-2025-53309

Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Stripe Payments Using Contact Form 7 accept-stripe-payments-using-contact-form-7 allows Retrieve Embedded Sensitive Data.This issue affects Accept Stripe Payments Using Contact Form 7: from n/a through = 3.0...

CVE-2025-53309

CVE-2025-53309 refers to a vulnerability in the WordPress plugin Accept Stripe Payments Using Contact Form 7 (versions 3.0 and earlier). The issue is described as Insertion of Sensitive Information Into Sent Data, enabling retrieval of embedded sensitive data. Public sources in the provided docum...

CVE-2025-53309 WordPress Accept Stripe Payments Using Contact Form 7 plugin <= 3.0 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Stripe Payments Using Contact Form 7 accept-stripe-payments-using-contact-form-7 allows Retrieve Embedded Sensitive Data.This issue affects Accept Stripe Payments Using Contact Form 7: from n/a through = 3.0...

WordPress plugin Accept Stripe Payments Using Contact Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin Accept...

CVE-2022-47422

Cross-Site Request Forgery CSRF vulnerability in HM Plugin Accept Stripe Donation – AidWP plugin = 3.1.5 versions...

CVE-2024-12255 Accept Stripe Payments Using Contact Form 7 <= 2.5 - Unauthenticated Information Exposure

The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5 via the cf7sa-info.php file that returns phpinfo data. This makes it possible for unauthenticated attackers to extract configuration information tha...

CVE-2024-12255

CVE-2024-12255 – Accept Stripe Payments Using Contact Form 7 (WordPress)\n\nVulnerability summary : The plugin is vulnerable to Information Exposure via cf7sa-info.php, which returns phpinfo() data. This allows unauthenticated attackers to retrieve sensitive configuration information that could f...

WordPress plugin Accept Stripe Payments Using Contact Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin Accept...

CVE-2024-7353

The Accept Stripe Payments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's acceptstripepaymentng shortcode in all versions up to, and including, 2.0.86 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

CVE-2024-7353 Accept Stripe Payments <= 2.0.86 - Authenticated (Contributor+) Stored Cross-Site Scripting via accept_stripe_payment_ng Shortcode

The Accept Stripe Payments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's acceptstripepaymentng shortcode in all versions up to, and including, 2.0.86 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

WordPress plugin Accept Stripe Payments 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-38284 · WordPress · Accept Stripe Payments

Name of the Vulnerable Software and Affected Versions: Accept Stripe Payments plugin for WordPress versions up to and including 2.0.86 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the accept stripe payment ng shortcode. This...

CVE-2022-47422

Cross-Site Request Forgery CSRF vulnerability in HM Plugin Accept Stripe Donation – AidWP plugin = 3.1.5 versions...