11 matches found
WordPress Paytm Donation <=1.3.2 - Authenticated SQL Injection
WordPress Paytm Donation plugin through 1.3.2 is susceptible to authenticated SQL injection. The plugin does not sanitize, validate, or escape the id GET parameter before using it in a SQL statement when deleting donations. An attacker can possibly obtain sensitive information, modify data, and/o...
EUVD-2023-32205
Malicious code in bioql PyPI...
CVE-2021-24554
The Paytm – Donation Plugin WordPress plugin through 1.3.2 does not sanitise, validate or escape the id GET parameter before using it in a SQL statement when deleting donations, leading to an authenticated SQL injection issue...
CVE-2025-24635 WordPress Paytm – Donation Plugin plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paytm Paytm Payment Donation allows Reflected XSS. This issue affects Paytm Payment Donation: from n/a through 2.3.1...
CVE-2025-24635 WordPress Paytm – Donation Plugin plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in integrationdevpaytm Paytm Payment Donation paytm-donation allows Reflected XSS. This issue affects Paytm Payment Donation: from n/a through <= 2.3.1...
WordPress Paytm – Donation Plugin plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO in WordPress Plugin Paytm Payment Donation versions <= 2.3.1...
CVE-2023-28535
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Paytm Payment Donation plugin <= 2.2.0 versions...
WordPress plugin paytm-donation cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
CVE-2021-24554
The Paytm – Donation Plugin WordPress plugin through 1.3.2 does not sanitise, validate or escape the id GET parameter before using it in a SQL statement when deleting donations, leading to an authenticated SQL injection issue...
WordPress plugin SQL injection vulnerability
WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an open source application plugin for WordPress. A SQL injection vulnerability exists in the WordPress plugin...
Paytm - Donation Plugin <= 1.3.2 - Authenticated (admin+) SQL Injection
The plugin does not sanitise, validate or escape the id GET parameter before using it in a SQL statement when deleting donations, leading to an authenticated SQL injection issue. PoC: GET /wp-admin/admin.php?page=wppaytmdonation=delete=1%20AND%20SELECT%205581%20FROM%20SELECTSLEEP5Pjwy HTTP/1.1...