EUVD-2022-33754

Malicious code in bioql PyPI...

CVE-2022-29416

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Afterpay Gateway for WooCommerce = 3.5.0 versions...

Study Finds Amazon, eBay and Afterpay as Top Android User Data Collectors

By Deeba Ahmed Amazon and eBay have been declared the highest data-collecting platforms among all the Android shopping apps researchers examined. This is a post from HackRead.com Read the original post: Study Finds Amazon, eBay and Afterpay as Top Android User Data Collectors...

MAL-2023-82 Malicious code in afterpay (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d65821f7845bf39a23f9778347a76ca151807656e577af383b74fbef0eaf7c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in afterpay (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d65821f7845bf39a23f9778347a76ca151807656e577af383b74fbef0eaf7c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

WordPress Afterpay Gateway for WooCommerce Plugin < 1.12.4 is vulnerable to SQL Injection

Software Afterpay Gateway for WooCommerce Type Plugin Vulnerable versions 1.12.4 Fixed in 1.12.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-2744 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID d0e7ba2b77fa Credits Arvandy Required privilege...

Malicious code in afterpay-sdk-example-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 555a159aa3b74ea73f8574c05e14aa536948cbe56b0420bcdcc0daa2a911ae2c The OpenSSF Package Analysis project identified 'afterpay-sdk-example-server' @ 20.0.0 npm as malicious. It is considered malicious because: - T...

MAL-2023-1111 Malicious code in afterpay-sdk-example-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 555a159aa3b74ea73f8574c05e14aa536948cbe56b0420bcdcc0daa2a911ae2c The OpenSSF Package Analysis project identified 'afterpay-sdk-example-server' @ 20.0.0 npm as malicious. It is considered malicious because: - T...

CVE-2022-29416

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Afterpay Gateway for WooCommerce = 3.5.0 versions...

CVE-2022-29416

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Afterpay Gateway for WooCommerce = 3.5.0 versions...

CVE-2022-29416

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Afterpay Gateway for WooCommerce = 3.5.0 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Afterpay Gateway for WooCommerce = 3.5.0 versions...

CVE-2022-29416 WordPress Afterpay Gateway for WooCommerce Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Afterpay Gateway for WooCommerce = 3.5.0 versions...

CVE-2022-29416 WordPress Afterpay Gateway for WooCommerce Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Afterpay Gateway for WooCommerce = 3.5.0 versions...

CVE-2022-29416

The CVE-2022-29416 entry covers a reflected cross-site scripting (XSS) vulnerability in the WordPress Afterpay Gateway for WooCommerce plugin. Affected version(s) are WooCommerce plugin For Afterpay Gateway versions prior to or equal to 3.5.0 (up to 3.5.0, with 3.5.1+ fixed). Root cause: improper...

WordPress plugin Afterpay Gateway for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2023-12969 · Afterpay · Afterpay Gateway For Woocommerce

Name of the Vulnerable Software and Affected Versions: Afterpay Gateway for WooCommerce versions prior to 3.5.1 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This allows for malicious scripts to be injected into a website, potentially leading to...

Afterpay Gateway for WooCommerce < 3.5.1 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape some parameters, allowing an attacker to trick a visitor to send a request with XSS payloads that will trigger when they visit the site...

Afterpay Gateway for WooCommerce < 3.5.1 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the orderToken parameter before outputting it back in the page via an error message, leading to a Reflected Cross-Site Scripting...

Afterpay Gateway for WooCommerce < 3.2.1 - Reflected Cross-Site Scripting

The plugin has sample files form the https://github.com/afterpay/sdk-php library, which do not escape some parameters before outputting them in attributes, leading to Reflected Cross-Site Scripting issues. PoC...