CVE-2025-15400
The OpenPix for WooCommerce WordPress plugin through 2.13.3 allows any authenticated user to trigger AJAX actions that reset payment gateway configuration options without capability or nonce checks. This permits any authenticated user, such as a subscriber, to clear API credentials and webhook...
CVE-2025-15400 OpenPix <= 2.13.3 - Subscriber+ Payment Gateway Settings Reset
The OpenPix for WooCommerce WordPress plugin through 2.13.3 allows any authenticated user to trigger AJAX actions that reset payment gateway configuration options without capability or nonce checks. This permits any authenticated user, such as a subscriber, to clear API credentials and webhook...
EUVD-2020-15038
Malware in sbrugna...
CVE-2020-22273
Neoflex Video Subscription System Version 2.0 is affected by CSRF which allows the Website's Settings to be changed such as Payment Settings...
Namaste! LMS < 2.5.9.4 - Admin+ Stored XSS
The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup. 1. Go to Namaste Settings, and at Payment Setting...
OPENSUSE-SU-2020:2178-1 Security update for opera
This update for opera fixes the following issues: - Update to version 72.0.3815.400 - DNA-88996 Mac Vertical spacing of sidebar items incorrect - DNA-89698 Mac text on bookmark bar not visible when application is not focused - DNA-89746 Add product-name switch to Opera launcher and installer -...
Cross site request forgery (csrf)
Neoflex Video Subscription System Version 2.0 is affected by CSRF which allows the Website's Settings to be changed such as Payment Settings...
CVE-2020-22273
The CVE-2020-22273 entry concerns Neoflex Video Subscription System Version 2.0, where a CSRF flaw enables unauthorized changes to Website Settings (e.g., Payment Settings). The root cause is CSRF allowing state-changing requests without proper user verification. Documents consistently identify t...
Kartpay: Reflected XSS on https://merchant.kartpay.com/payment_settings [status]
Vulnerable URL: https://merchant.kartpay.com/payment_settings/type Parameter: status Payload: " Steps to Reproduce: 1. Log in with your credentials. 2. Go to https://merchant.kartpay.com/payment_settings 3. Start Burp Suite proxy and turn intercept on. 4. Click on the Run and Save button. Intercept the request. ...
PenPals Authentication Bypass
Exploit for asp platform in category web applications ...