Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/05/06 3:27 a.m.56 views

CVE-2026-3208 Mercado Pago payments for WooCommerce <= 8.7.11 - Missing Authorization to Unauthenticated PIX Payment QR Code Image Disclosure

The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'mppiximage' WooCommerce API endpoint in all versions up to, and including, 8.7.11. This makes it possible for unauthenticated attackers to retrieve...

5.3CVSS0.00499EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/23 1:0 p.m.4 views

Malicious code in demo-mercadopago-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a777ccccffbf142e34b0081be4681c4ffcb72aa584b99d15bfd58878e6085881 The OpenSSF Package Analysis project identified 'demo-mercadopago-mcp-server' @ 99.0.3 npm as malicious. It is considered malicious because: - T...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/23 1:0 p.m.4 views

EUVD-2025-35680

Malicious code in demo-mercadopago-mcp-server npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/10/23 1:0 p.m.4 views

MAL-2025-48558 Malicious code in demo-mercadopago-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a777ccccffbf142e34b0081be4681c4ffcb72aa584b99d15bfd58878e6085881 The OpenSSF Package Analysis project identified 'demo-mercadopago-mcp-server' @ 99.0.3 npm as malicious. It is considered malicious because: - T...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2023/04/20 3:55 a.m.17 views

MercadoLibre: Stored Cross-Site Scripting in mercadopago.com.ar

The summary is as follows: A stored cross-site scripting vulnerability was discovered in mercadopago.com.ar. The issue was acknowledged and addressed by MercadoLibre internally...

6.2AI score
Exploits0
Core Security
Core Security
added 2014/12/19 12:0 a.m.599 views

MercadoPago Android App Information Disclosure

Advisory ID Internal CORE-2014-0011 1. Advisory Information Title: MercadoPago Android App Information Disclosure Advisory ID: CORE-2014-0011 Date published: 2014-12-19 Date of last update: 2014-12-17 Vendors contacted: Mercadolibre Release mode: Coordinated release 2. Vulnerability Information...

6.8AI score
Exploits0
Rows per page
Query Builder