WordPress Best Payments Plugin for WP plugin <= 4.6.19 - Payment Bypass vulnerability

Payment Bypass vulnerability discovered by Weerawat Pawanawiwat ErbaZZ in WordPress Plugin Best Payments Plugin for WP versions = 4.6.19...

EUVD-2026-20305

Server-Side Request Forgery SSRF vulnerability in Global Payments GlobalPayments WooCommerce global-payments-woocommerce allows Server Side Request Forgery.This issue affects GlobalPayments WooCommerce: from n/a through = 1.18.0...

CVE-2026-1710

The WooPayments: Integrated WooCommerce Payments plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveupeappearanceajax' function in all versions up to, and including, 10.5.1. This makes it possible for unauthenticated attackers to...

CVE-2023-25713

Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...

CVE-2025-13801

The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.9.0 via the file parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...

PT-2026-1606

Name of the Vulnerable Software and Affected Versions Yoco Payments plugin for WordPress versions through 3.8.8 Description The Yoco Payments plugin for WordPress is susceptible to a Path Traversal issue. This allows unauthenticated attackers to read arbitrary files on the server, potentially...

CVE-2025-49339

Missing Authorization vulnerability in Digages Direct Payments WP direct-payments-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Direct Payments WP: from n/a through = 1.3.2...

CVE-2025-49339 WordPress Direct Payments WP plugin <= 1.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Digages Direct Payments WP direct-payments-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Direct Payments WP: from n/a through = 1.3.2...

EUVD-2025-206005

Missing Authorization vulnerability in Digages Direct Payments WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Direct Payments WP: from n/a through 1.3.0...

WordPress Direct Payments WP plugin <= 1.3.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by powpy in WordPress Plugin Direct Payments WP versions = 1.3.0...

WordPress Direct Payments WP plugin <= 1.3.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jitlada in WordPress Plugin Direct Payments WP versions = 1.3.0...

WordPress plugin Direct Payments WP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress plugin Accept Stripe Payments Using Contact Form 7 跨站脚本漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based server.WordPress plug...

EUVD-2025-4514

Malicious code in bioql PyPI...

EUVD-2023-39908

Malicious code in bioql PyPI...

EUVD-2022-2632

Malicious code in bioql PyPI...

WordPress plugin CashBill.pl – Płatności WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. WordPress...

CVE-2025-9463 Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net <= 1.117.5 - Authenticated (Contributor+) SQL Injection via order_by Parameter

The Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 1.117.5 due to insufficient escaping on the user supplied parameter and...

CVE-2025-9463 Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net <= 1.117.5 - Authenticated (Contributor+) SQL Injection via order_by Parameter

The Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 1.117.5 due to insufficient escaping on the user supplied parameter and...

PT-2025-37021

Name of the Vulnerable Software and Affected Versions: Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net versions prior to 1.117.6 Description: The Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net plugin for...