Lucene search
K

15 matches found

NVD
NVD
added 2026/06/15 9:16 p.m.7 views

CVE-2026-34891

Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce = 2.2.5 versions...

7.5CVSS0.00303EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:17 p.m.10 views

CVE-2026-34891

CVE-2026-34891 concerns the WordPress IDPay Payment Gateway for WooCommerce plugin (

7.5CVSS5.2AI score0.00303EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:17 p.m.24 views

CVE-2026-34891 WordPress IDPay Payment Gateway for Woocommerce plugin <= 2.2.5 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce = 2.2.5 versions...

7.5CVSS0.00303EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.8 views

PT-2026-49363

Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce = 2.2.5 versions...

7.5CVSS5.2AI score0.00303EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/04/06 11:45 a.m.3 views

WordPress IDPay Payment Gateway for Woocommerce plugin <= 2.2.5 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Chawabhon Netisingha JNX03 in WordPress Plugin IDPay Payment Gateway for Woocommerce versions = 2.2.5...

5.9AI score0.00303EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-11908

Malware in sbrugna...

6.1CVSS6.3AI score0.00788EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:25 p.m.5 views

CVE-2021-24996

The IDPay for Contact Form 7 WordPress plugin through 2.1.2 does not sanitise and escape the idpayerror parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting...

6.1CVSS6.5AI score0.00788EPSS
Exploits2References1
OSV
OSV
added 2022/03/14 3:15 p.m.2 views

CVE-2021-24996

The IDPay for Contact Form 7 WordPress plugin through 2.1.2 does not sanitise and escape the idpayerror parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting...

6.1CVSS5.8AI score0.00788EPSS
Exploits2References1
NVD
NVD
added 2022/03/14 3:15 p.m.11 views

CVE-2021-24996

The IDPay for Contact Form 7 WordPress plugin through 2.1.2 does not sanitise and escape the idpayerror parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting...

6.1CVSS0.00788EPSS
Exploits2References1
CVE
CVE
added 2022/03/14 2:41 p.m.88 views

CVE-2021-24996

The CVE-2021-24996 entry concerns the WordPress plugin IDPay for Contact Form 7 (≤ 2.1.2). The vulnerability is a Reflected Cross-Site Scripting caused by insufficient sanitisation/escaping of the idpay_error parameter when echoed back on the page, enabling an attacker-controlled payload to execu...

6.1CVSS6.1AI score0.00788EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/03/14 2:41 p.m.17 views

CVE-2021-24996 IDPay for Contact Form 7 <= 2.1.2 - Reflected Cross-Site Scripting

The IDPay for Contact Form 7 WordPress plugin through 2.1.2 does not sanitise and escape the idpayerror parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting...

6.3AI score0.00788EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/03/14 12:0 a.m.2 views

WordPress plugin 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in WordPress...

6.1CVSS5.9AI score0.00788EPSS
Exploits2References2
wpexploit
wpexploit
added 2021/11/23 12:0 a.m.58 views

IDPay for Contact Form 7 <= 2.1.2 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the idpayerror parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting Append the following payload on a page where a form with an idPay payment interface is embed: &idpayerror=alert/XSS/ Example:...

6.1CVSS0.00788EPSS
Exploits2
Patchstack
Patchstack
added 2021/11/23 12:0 a.m.20 views

WordPress IDPay for Contact Form 7 plugin <= 2.1.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Jeremie Amsellem in WordPress IDPay for Contact Form 7 plugin versions = 2.1.2. Solution Deactivate and delete. This plugin has been closed as of November 23, 2021 and is not available for download. Reason: Security Issue...

6.1CVSS3.1AI score0.00788EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2021/11/23 12:0 a.m.16 views

IDPay for Contact Form 7 <= 2.1.2 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the idpayerror parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting PoC Append the following payload on a page where a form with an idPay payment interface is embed: error= Example:...

6.1CVSS0.5AI score0.00788EPSS
Exploits2Affected Software1
Rows per page
Query Builder