Lucene search
K

2203 matches found

Nuclei
Nuclei
added 5 hours ago169 views

WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery

WordPress Paytm Payment Gateway plugin through 2.7.0 contains a server-side request forgery vulnerability. An attacker can cause a website to execute website requests to an arbitrary domain, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized...

7.2CVSS6.8AI score0.40506EPSS
Exploits0References5
Nuclei
Nuclei
added 5 hours ago68 views

WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection

WordPress Paytm Payment Gateway plugin through 2.7.3 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-45805 info: name: WordPress Payt...

9.8CVSS7.1AI score0.02327EPSS
Exploits0References5
NVD
NVD
added yesterday3 views

CVE-2026-57408

Missing Authorization vulnerability in peachpayments Peach Payments Gateway wc-peach-payments-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Peach Payments Gateway: from n/a through = 4.0.2...

6.5CVSS0.00332EPSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-43285

The User Registration & Membership WordPress plugin before 5.2.2 does not verify the authenticity of incoming payment-provider webhook notifications before acting on them, allowing unauthenticated attackers to forge a payment-approved event and activate a paid membership subscription without...

9.1CVSS6.1AI score0.00148EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday15 views

CVE-2026-57408 WordPress Peach Payments Gateway plugin <= 4.0.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in peachpayments Peach Payments Gateway wc-peach-payments-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Peach Payments Gateway: from n/a through = 4.0.2...

6.5CVSS0.00332EPSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-57408

CVE-2026-57408 affects the WordPress Peach Payments Gateway plugin wc-peach-payments-gateway

6.5CVSS6.1AI score0.00332EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43062

Incorrect Authorization vulnerability in Drupal Commerce Realex / Global Payments allows Forceful Browsing. This issue affects Commerce Realex / Global Payments versions: from 0.0.0 to 3.0.2...

6.1AI score0.0018EPSS
Exploits0References2
NVD
NVD
added 4 days ago3 views

CVE-2026-13238

Incorrect Authorization vulnerability in Drupal Commerce Realex / Global Payments allows Forceful Browsing. This issue affects Commerce Realex / Global Payments versions: from 0.0.0 to 3.0.2...

4.8CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 4 days ago8 views

CVE-2026-11990

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS0.00342EPSS
Exploits0References12
EUVD
EUVD
added 4 days ago9 views

EUVD-2026-42864

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS6.2AI score0.00342EPSS
Exploits0References12
Cvelist
Cvelist
added 4 days ago34 views

CVE-2026-15288 SureForms – Drag and Drop Form Builder for WordPress <= 2.2.1 - Unauthenticated Stripe Payment Amount Manipulation

The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 2.2.1. This is due to the plugin accepting the payment amount directly from user-controlled POST data in the 'createpaymentintent' and...

7.5CVSS0.00333EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-42488

Use after free in Payments in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

6AI score0.00178EPSS
Exploits0References3
NVD
NVD
added 6 days ago10 views

CVE-2026-15117

Use after free in Payments in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS0.00178EPSS
Exploits0References2
CVE
CVE
added 6 days ago18 views

CVE-2026-15117

CVE-2026-15117 affects Google Chrome (Payments component). A use-after-free in Payments can lead to heap corruption when a user is convinced to perform specific UI gestures on a crafted HTML page. Affected version: before 150.0.7871.115. The issue is triggered by interactions with the UI and can ...

7.5CVSS6AI score0.00178EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 6 days ago6 views

CVE-2026-15117

Use after free in Payments in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS6AI score0.00178EPSS
Exploits0
Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-15117

Use after free in Payments in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

0.00178EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-15117

Use after free in Payments in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

6AI score0.00178EPSS
Exploits0References3Affected Software1
NVD
NVD
added 6 days ago7 views

CVE-2026-5356

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 5.4.0. This is due to the plugin's Stripe Connect payment processor accepting a client-supplied PaymentIntent ID. This makes it...

7.5CVSS0.0021EPSS
Exploits0References2
Patchstack
Patchstack
added 6 days ago5 views

WordPress Peach Payments Gateway plugin <= 4.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by HieuPenguinnn in WordPress Plugin Peach Payments Gateway versions = 4.0.2...

6.5CVSS6.1AI score0.00332EPSS
Exploits0Affected Software1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42227

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 5.4.0. This is due to the plugin's Stripe Connect payment processor accepting a client-supplied PaymentIntent ID. This makes it...

7.5CVSS6AI score0.0021EPSS
Exploits0References2
Rows per page
Query Builder