CVE-2026-42655

Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP = 4.6.19 versions...

CVE-2026-42752

The CVE-2026-42752 entry concerns the WordPress Stripe Payments plugin (versions up to 2.0.98). It describes an unauthenticated bypass vulnerability in Stripe Payments

CVE-2026-42655 WordPress Best Payments Plugin for WP plugin <= 4.6.19 - Payment Bypass vulnerability

Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP = 4.6.19 versions...

EUVD-2026-36820

Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP = 4.6.19 versions...

CVE-2026-42655 WordPress Best Payments Plugin for WP plugin <= 4.6.19 - Payment Bypass vulnerability

Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP = 4.6.19 versions...

CVE-2026-42655

CVE-2026-42655 affects the WordPress plugin “Best Payments Plugin for WP” (versions ≤ 4.6.19). The vulnerability is an unauthenticated payment bypass (unvalidated access) in the plugin, enabling bypass without credentials. CVSS‑3.1 base score 5.9 (MEDIUM) with attack vector Network, attack comple...

PT-2026-49446

Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP = 4.6.19 versions...

WordPress plugin Stripe Payments 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress Best Payments Plugin for WP plugin <= 4.6.19 - Payment Bypass vulnerability

Payment Bypass vulnerability discovered by Weerawat Pawanawiwat ErbaZZ in WordPress Plugin Best Payments Plugin for WP versions = 4.6.19...

EUVD-2026-20305

Server-Side Request Forgery SSRF vulnerability in Global Payments GlobalPayments WooCommerce global-payments-woocommerce allows Server Side Request Forgery.This issue affects GlobalPayments WooCommerce: from n/a through = 1.18.0...

CVE-2026-1710

The WooPayments: Integrated WooCommerce Payments plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveupeappearanceajax' function in all versions up to, and including, 10.5.1. This makes it possible for unauthenticated attackers to...

CVE-2023-25713

Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...

CVE-2025-13801

The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.9.0 via the file parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...

PT-2026-1606

Name of the Vulnerable Software and Affected Versions Yoco Payments plugin for WordPress versions through 3.8.8 Description The Yoco Payments plugin for WordPress is susceptible to a Path Traversal issue. This allows unauthenticated attackers to read arbitrary files on the server, potentially...

CVE-2025-49339

Missing Authorization vulnerability in Digages Direct Payments WP direct-payments-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Direct Payments WP: from n/a through = 1.3.2...

EUVD-2025-206005

Missing Authorization vulnerability in Digages Direct Payments WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Direct Payments WP: from n/a through 1.3.0...

CVE-2025-49339 WordPress Direct Payments WP plugin <= 1.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Digages Direct Payments WP direct-payments-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Direct Payments WP: from n/a through = 1.3.2...

WordPress Direct Payments WP plugin <= 1.3.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by powpy in WordPress Plugin Direct Payments WP versions = 1.3.0...

WordPress Direct Payments WP plugin <= 1.3.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jitlada in WordPress Plugin Direct Payments WP versions = 1.3.0...

WordPress plugin Direct Payments WP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...