40 matches found
EUVD-2019-6068
Malware in sbrugna...
EUVD-2025-17489
Malicious code in bioql PyPI...
EUVD-2024-24432
Malicious code in bioql PyPI...
WordPress PayU India plugin has unspecified vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress PayU India plugin that stems from vulnerability to authentication bypass attacks, no details of the vulnerability are provided a...
CVE-2025-31022
Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India payu-india allows Authentication Abuse.This issue affects PayU India: from n/a through 3.8.8...
CVE-2025-31022
Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India payu-india allows Authentication Abuse.This issue affects PayU India: from n/a through 3.8.8...
CVE-2025-31022
CVE-2025-31022 concerns the PayU India WordPress plugin. PT-Security’s PT-2025-24473 documents an authentication bypass in PayU India versions through 3.8.5, enabling potential account takeover via a vulnerable flow in the update_cart_data / get-shipping-cost path. The vulnerability is remediated...
CVE-2025-31022 WordPress PayU India plugin < 3.8.8 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India payu-india allows Authentication Abuse.This issue affects PayU India: from n/a through 3.8.8...
CVE-2025-31022 WordPress PayU India plugin < 3.8.8 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India payu-india allows Authentication Abuse.This issue affects PayU India: from n/a through 3.8.8...
WordPress plugin PayU India 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress PayU India plugin that stems from vulnerability to authentication bypass attacks, no details of the vulnerability are provided a...
PT-2025-24473 · Payu · Payu India
Name of the Vulnerable Software and Affected Versions: PayU India versions through 3.8.5 Description: The issue is related to an Authentication Bypass Using an Alternate Path or Channel, allowing authentication abuse. Recommendations: For versions through 3.8.5, update to a version later than 3.8...
MAL-2025-4721 Malicious code in payu-ui-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1cf0aeb232e5fb73a346852b81510521a06efd6f05c9b7760e6c13b3644abe68 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in payu-ui-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1cf0aeb232e5fb73a346852b81510521a06efd6f05c9b7760e6c13b3644abe68 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
WordPress PayU India plugin < 3.8.8 - Account Takeover vulnerability
Account Takeover vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin PayU India versions 3.8.8...
CVE-2019-14978
/payu/icpcheckout/ in the WooCommerce PayU India Payment Gateway plugin 2.1.1 for WordPress allows Parameter Tampering in the purchaseQuantity=1 parameter, as demonstrated by purchasing an item for lower than the intended price...
CVE-2024-12264
The PayU CommercePro Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.8.3. This is due to /wp-json/payu/v1/generate-user-token and /wp-json/payu/v1/get-shipping-cost REST API endpoints not properly verifying a user's identity prior to setti...
CVE-2024-27193
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PayU India PayU India payu-india allows DOM-Based XSS.This issue affects PayU India: from n/a through = 3.8.8...
WordPress PayU CommercePro Plugin plugin <= 3.8.3 - Unauthenticated Privilege Escalation vulnerability
Unauthenticated Privilege Escalation vulnerability discovered by wesley wcraft in WordPress Plugin PayU India versions = 3.8.3...
CVE-2024-12264
The PayU CommercePro Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.8.3. This is due to /wp-json/payu/v1/generate-user-token and /wp-json/payu/v1/get-shipping-cost REST API endpoints not properly verifying a user's identity prior to setti...
CVE-2024-12264 PayU CommercePro Plugin <= 3.8.3 - Unauthenticated Privilege Escalation
The PayU CommercePro Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.8.3. This is due to /wp-json/payu/v1/generate-user-token and /wp-json/payu/v1/get-shipping-cost REST API endpoints not properly verifying a user's identity prior to setti...