Security Incentivization: An Empirical Study of How Micropayments Impact Code Security

Security often receives insufficient developer attention because it does not directly generate visible value, leading to underinvestment in practice. We evaluate a countermeasure by team-level incentives tied to measurable security improvements over time. Our semi-automated mechanism aggregates...

EUVD-2025-19575

Malicious code in bioql PyPI...

EUVD-2025-8164

Malicious code in bioql PyPI...

EUVD-2025-8564

Malicious code in bioql PyPI...

EUVD-2022-32130

Malicious code in bioql PyPI...

EUVD-2024-51572

Malicious code in bioql PyPI...

CVE-2025-5937

The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the adminOptions function. This makes it...

CVE-2025-5937

The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the adminOptions function. This makes it...

CVE-2025-5937

CVE-2025-5937 affects the MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet WordPress plugin (

CVE-2025-5937 MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet <= 3.2.0 - Cross-Site Request Forgery to Settings Reset

The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the adminOptions function. This makes it...

CVE-2025-5937 MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet <= 3.2.0 - Cross-Site Request Forgery to Settings Reset

The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the adminOptions function. This makes it...

WordPress plugin MicroPayments 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

PT-2025-27292 · WordPress · Micropayments – Fans Paysite

Name of the Vulnerable Software and Affected Versions: The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet plugin for WordPress versions up to, and including, 3.2.0 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce...

WordPress MicroPayments plugin <= 3.2.0 - Cross-Site Request Forgery to Settings Reset vulnerability

Cross-Site Request Forgery to Settings Reset vulnerability discovered by Nabil Irawan in WordPress Plugin MicroPayments versions = 3.2.0...

CVE-2024-13391

The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhispercontentuploadguest' shortcode in all versions up to, and including, 2.9.29 due to insufficient input...

CVE-2022-27629

Cross-site request forgery CSRF vulnerability in 'MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership' versions prior to 1.9.6 allows a remote unauthenticated attacker to hijack the authentication of an administrator and perform unintended operation via unspecified vectors...

CVE-2025-26579

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in videowhisper MicroPayments paid-membership allows Reflected XSS.This issue affects MicroPayments: from n/a through = 3.2.4...

WordPress MicroPayments plugin <= 2.9.29 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin MicroPayments versions = 2.9.29...

CVE-2025-31075

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in videowhisper MicroPayments paid-membership allows Stored XSS.This issue affects MicroPayments: from n/a through = 2.9.29...

CVE-2025-31075

CVE-2025-31075 — MicroPayments (WordPress plugin) is a Stored XSS in the MicroPayments plugin (v2.9.29 and earlier) where script tags are not properly neutralized in a web page, enabling attacker-supplied scripts to be stored and later executed in the victim’s browser. The CVSS base score is 6.5 ...