45 matches found
EUVD-2017-0367
Malware in sbrugna...
EUVD-2018-0717
Malware in sbrugna...
EUVD-2017-0111
Malware in sbrugna...
Malicious code in fullcube-recurly-refresh (npm)
The package fullcube-recurly-refresh was found to contain malicious code...
MAL-2025-21038 Malicious code in fullcube-recurly-refresh (npm)
The package fullcube-recurly-refresh was found to contain malicious code...
Malicious code in recurly-integrations (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2948 Malicious code in recurly-integrations (npm)
--- -= Per source details. Do not edit below this line.=-...
WordPress RecurWP – WordPress Recurly Payment Gateway Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software RecurWP – WordPress Recurly Payment Gateway Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4a644c62a9fc Credits Rafie...
Malicious Package
Overview recurly-dev is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Malicious code in recurly-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ca6dddb8bdc49e630a37b4ee55826687ad4a7a3453d16ec59b9674870c797fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-741 Malicious code in recurly-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ca6dddb8bdc49e630a37b4ee55826687ad4a7a3453d16ec59b9674870c797fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in twitch-recurly.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fce50c9c91e5920315df8243290779e379507b0e34fc1af0324ba5e72c7ef03c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
WordPress RecurWP – WordPress Recurly Payment Gateway plugin <= 1.0.1 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress RecurWP – WordPress Recurly Payment Gateway plugin versions = 1.0.1. Solution No patched version available...
WordPress RecurWP – WordPress Recurly Payment Gateway plugin <= 1.0.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress RecurWP – WordPress Recurly Payment Gateway plugin versions = 1.0.1. Solution No patched version available...
XML External Entity (XXE) Attacks
Recurly Java library is vulnerable to XML external entity XXE attacks. The vulnerability exists because it does not prevent processing of external entities and external Document Type Definition by default, allowing an attacker to inject malicious XML data...
GHSA-38RV-5JQC-M2CV Recurly vulnerable to SSRF
The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the Resource.get method that could result in compromise of API keys or other critical resources...
Recurly vulnerable to SSRF
The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the Resource.get method that could result in compromise of API keys or other critical resources...
Critical severity vulnerability that affects recurly-api-client
The Recurly Client .NET Library before 1.0.1, 1.1.10, 1.2.8, 1.3.2, 1.4.14, 1.5.3, 1.6.2, 1.7.1, 1.8.1 is vulnerable to a Server-Side Request Forgery vulnerability due to incorrect use of "Uri.EscapeUriString" that could result in compromise of API keys or other critical resources...
GHSA-XPWP-RQ3X-X6V7 Critical severity vulnerability that affects recurly-api-client
The Recurly Client .NET Library before 1.0.1, 1.1.10, 1.2.8, 1.3.2, 1.4.14, 1.5.3, 1.6.2, 1.7.1, 1.8.1 is vulnerable to a Server-Side Request Forgery vulnerability due to incorrect use of "Uri.EscapeUriString" that could result in compromise of API keys or other critical resources...
Server-Side Request Forgery (SSRF)
recurly-api-client is vulnerable to server-side request forgery SSRF attacks. This is due to the incorrect usage of the Uri.EscapeUriString function, which could allow an attacker to send a crafted request from the vulnerable client...