10 matches found
EUVD-2024-32228
Malicious code in bioql PyPI...
OPEXUS FOIAXpress Public Access Link 安全漏洞
OPEXUS FOIAXpress Public Access Link OPEXUS FOIAXpress PAL is a secure public-facing web portal from OPEXUS that connects organizations with requesters and integrates with payment solutions, including payment solutions. A security vulnerability exists in OPEXUS FOIAXpress Public Access Link versi...
CVE-2024-3649
The Contact Form by WPForms – Drag & Drop Form Builder for WordPress plugin for WordPress is vulnerable to price manipulation in versions up to, and including, 1.8.7.2. This is due to a lack of controls on several product parameters. This makes it possible for unauthenticated attackers to...
MAL-2025-131 Malicious code in payment-integration-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e2b48477c18dc833e42ed72d5398cea9fd403d04bb4f0c43a833f3d97068ae01 The OpenSSF Package Analysis project identified 'payment-integration-template' @ 1.1.0 npm as malicious. It is considered malicious because: - T...
Malicious code in payment-integration-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e2b48477c18dc833e42ed72d5398cea9fd403d04bb4f0c43a833f3d97068ae01 The OpenSSF Package Analysis project identified 'payment-integration-template' @ 1.1.0 npm as malicious. It is considered malicious because: - T...
OPEXUS FOIAXpress Public Access Link 安全漏洞
OPEXUS FOIAXpress Public Access Link OPEXUS FOIAXpress PAL is a secure public-facing web portal from OPEXUS that connects organizations with requesters and integrates with payment solutions, including payment solutions. A security vulnerability exists in OPEXUS FOIAXpress Public Access Link versi...
Contact Form by WPForms – Drag & Drop Form Builder for WordPress < 1.8.8.2 - Unauthenticated Price Manipulation
Description The Contact Form by WPForms – Drag & Drop Form Builder for WordPress is vulnerable to price manipulation. This is due to a lack of controls on several product parameters, making it possible for unauthenticated attackers to manipulate prices, product information, and quantities for...
CVE-2024-3649 Contact Form by WPForms – Drag & Drop Form Builder for WordPress <= 1.8.7.2 - Unauthenticated Price Manipulation
The Contact Form by WPForms – Drag & Drop Form Builder for WordPress plugin for WordPress is vulnerable to price manipulation in versions up to, and including, 1.8.7.2. This is due to a lack of controls on several product parameters. This makes it possible for unauthenticated attackers to...
CVE-2024-3649 Contact Form by WPForms – Drag & Drop Form Builder for WordPress <= 1.8.7.2 - Unauthenticated Price Manipulation
The Contact Form by WPForms – Drag & Drop Form Builder for WordPress plugin for WordPress is vulnerable to price manipulation in versions up to, and including, 1.8.7.2. This is due to a lack of controls on several product parameters. This makes it possible for unauthenticated attackers to...
CVE-2024-3649
The CVE CVE-2024-3649 concerns the WordPress plugin Contact Form by WPForms – Drag & Drop Form Builder for WordPress. Affected: WPForms Lite (Contact Form by WPForms) versions up to 1.8.7.2. Root cause: lack of controls on several product parameters during Stripe purchases enables price manipulat...