6 matches found
EUVD-2013-0161
Malware in sbrugna...
Malicious code in paypal-standard-integration-react-ib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6521cab55325b37c4d38ef5d9c7136a36024b1e4615b1ef885089e708edf6376 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
WooCommerce < 6.3.1 - Orders Marked as Paid (via PayPal Standard Gateway)
The PayPal Standard payment gateway deprecated since July 2021 of the plugin could allow attackers to mark an order as paid without actually making a payment, when PDT is enabled...
WordPress WooCommerce plugin <= 6.3.0 - Orders Status Change (via PayPal Standard Gateway) vulnerability
Orders Status Change via PayPal Standard Gateway vulnerability discovered in WordPress WooCommerce plugin versions = 6.3.0. Solution Update the WordPress WooCommerce plugin to the latest available version at least 6.3.1...
Code injection
CS-Cart before 3.0.6, when PayPal Standard Payments is configured, allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one's self...
CS-Cart v3.0.4 configured with PayPal Standard Payments design vulnerability
Overview CS-Cart v3.0.4 and possibly other versions configured with PayPal Standard Payment is susceptible to a client-side attack that results in an attacker purchasing items without having to pay for them. Description It has been reported that CS-Cart v3.0.4 configured with PayPal Standard...