Malicious code in braintree-web-latest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72db908797ea8aa5f2c1c6d89356499ed46b677379648156e795ee3049b24b20 The package braintree-web-latest was found to contain malicious code. Source: ghsa-malware...
MAL-2026-554 Malicious code in braintree-web-latest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72db908797ea8aa5f2c1c6d89356499ed46b677379648156e795ee3049b24b20 The package braintree-web-latest was found to contain malicious code. Source: ghsa-malware...
WordPress Payments Braintree For WooCommerce plugin authorization bypass vulnerability
WordPress Payments Braintree For WooCommerce plugin is a payment plugin designed specifically for WordPress websites, which supports payments done through both PayPal and credit cards. The WordPress Payments Braintree For WooCommerce plugin suffers from an authorization bypass vulnerability that...
CVE-2025-12903
The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaultednonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with...
CVE-2025-12903
The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaultednonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with...
CVE-2025-12903 Payment Plugins Braintree For WooCommerce <= 3.2.78 - Missing Authorization to Payment Token Exposure and Transaction Fraud
The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaultednonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with...
CVE-2025-12903
The CVE-2025-12903 concerns the WordPress plugin Payment Plugins Braintree For WooCommerce. It affects all versions up to 3.2.78 and arises from a missing capability check on the REST endpoint wc-braintree/v1/3ds/vaulted_nonce, registered with permission_callback set to __return_true. This allows...
EUVD-2025-119984
The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaultednonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with...
CVE-2025-12903 Payment Plugins Braintree For WooCommerce <= 3.2.78 - Missing Authorization to Payment Token Exposure and Transaction Fraud
The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaultednonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with...
WordPress Payment Plugins Braintree For WooCommerce plugin <= 3.2.78 - Missing Authorization to Payment Token Exposure and Transaction Fraud vulnerability
Missing Authorization to Payment Token Exposure and Transaction Fraud vulnerability discovered by M Indra Purnama type5afe in WordPress Plugin Payment Plugins Braintree For WooCommerce versions <= 3.2.78...
WordPress plugin Payment Plugins Braintree For WooCommerce security vulnerability
WordPress Payments Braintree For WooCommerce plugin is a payment plugin designed specifically for WordPress websites, which supports payments done through both PayPal and credit cards. The WordPress Payments Braintree For WooCommerce plugin suffers from an authorization bypass vulnerability that...
Malicious code in react-paypal-braintree-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ebbf8ad1d1a557ec443c0f6ea58587954750259557188b27491cca78c7e9ea7 The package react-paypal-braintree-demo was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2022-1445
Malicious code in bioql PyPI...
MAL-2025-47014 Malicious code in braintree-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 053257b915c2f0af69829fe05f32c4248f8dd415cf1a12103f297d5fbfe0574e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview braintree-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in braintree-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 053257b915c2f0af69829fe05f32c4248f8dd415cf1a12103f297d5fbfe0574e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
cartridge (>=1.0.0b1 <=1.3.1), cartridge-braintree (>=1.2.1 <=1.2.2) +4 more potentially affected by CVE-2025-50481 via mezzanine (>=3.1.10 <=6.0.0)
mezzanine PYPI version =3.1.10, =1.0.0b1, =1.2.1, =0.0.1, =0.1.0a1, =0.1.0b1, =0.4.1, =0.4.4 Source cves: CVE-2025-50481 Source advisory: OSV:GHSA-269J-37WW-CMH3...
Malicious code in braintree-dropin (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 975d9545344189dda20be0c6790c2deebbd8fbf1d3b992641dea6f1044521436 Any computer that has this package installed or running should be considered...
MAL-2025-5242 Malicious code in braintree-dropin (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 975d9545344189dda20be0c6790c2deebbd8fbf1d3b992641dea6f1044521436 Any computer that has this package installed or running should be considered...
cartridge (>=1.0.0b1 <=1.3.1), cartridge-braintree (>=1.2.1 <=1.2.2) +4 more potentially affected by CVE-2025-6050 via mezzanine (>=3.1.10 <=6.0.0)
mezzanine PYPI version =3.1.10, =1.0.0b1, =1.2.1, =0.0.1, =0.1.0a1, =0.1.0b1, =0.4.1, =0.4.4 Source cves: CVE-2025-6050 Source advisory: OSV:GHSA-7PR5-W74R-JJJ7...