Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 9:32 a.m.7 views

CVE-2023-25788

Cross-Site Request Forgery CSRF vulnerability in Saphali Saphali Woocommerce Lite plugin = 1.8.13 versions...

8.8CVSS7.1AI score0.00194EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/11/10 1:52 a.m.4 views

WordPress Saphali LiqPay for donate plugin <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Saphali LiqPay for donate versions = 1.0.2...

6.4CVSS5.6AI score0.00193EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVEadded 2025/11/09 9:56 a.m.7 views

CVE-2025-12643

The Saphali LiqPay for donate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'saphaliliqpay' shortcode in all versions up to, and including, 1.0.2. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5AI score0.00193EPSS
Exploits0References1
EUVD
EUVDadded 2025/11/08 12:30 p.m.4 views

EUVD-2025-38373

The Saphali LiqPay for donate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'saphaliliqpay' shortcode in all versions up to, and including, 1.0.2. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS4.7AI score0.00193EPSS
Exploits0References4
NVD
NVDadded 2025/11/08 10:15 a.m.3 views

CVE-2025-12643

The Saphali LiqPay for donate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'saphaliliqpay' shortcode in all versions up to, and including, 1.0.2. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00193EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/11/08 9:28 a.m.10 views

CVE-2025-12643 Saphali LiqPay for donate <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Saphali LiqPay for donate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'saphaliliqpay' shortcode in all versions up to, and including, 1.0.2. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00193EPSS
Exploits0References3
CVE
CVEadded 2025/11/08 9:28 a.m.17 views

CVE-2025-12643

CVE-2025-12643 – Saphali LiqPay for donate (WordPress) Stored XSS The WordPress plugin Saphali LiqPay for donate (plugin slug: saphali-liqpay-for-donate) is affected by a stored cross-site scripting vulnerability in the shortcode attribute saphali_liqpay. All versions up to and including 1.0.2 ar...

6.4CVSS4.7AI score0.00193EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/11/08 12:0 a.m.4 views

WordPress plugin Saphali LiqPay for donate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.7AI score0.00193EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/11/08 12:0 a.m.4 views

PT-2025-45565

Name of the Vulnerable Software and Affected Versions Saphali LiqPay for donate plugin for WordPress versions up to and including 1.0.2 Description The Saphali LiqPay for donate plugin for WordPress is susceptible to Stored Cross-Site Scripting through the saphali liqpay shortcode. This is caused...

6.4CVSS5.3AI score0.00193EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-29685

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00194EPSS
Exploits0References1
NVD
NVDadded 2023/10/04 11:15 a.m.10 views

CVE-2023-25788

Cross-Site Request Forgery CSRF vulnerability in Saphali Saphali Woocommerce Lite plugin = 1.8.13 versions...

8.8CVSS7.1AI score0.00194EPSS
Exploits0References1
OSV
OSVadded 2023/10/04 11:15 a.m.2 views

CVE-2023-25788

Cross-Site Request Forgery CSRF vulnerability in Saphali Saphali Woocommerce Lite plugin = 1.8.13 versions...

8.8CVSS7.3AI score0.00194EPSS
Exploits0References1
Prion
Prionadded 2023/10/04 11:15 a.m.15 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Saphali Saphali Woocommerce Lite plugin = 1.8.13 versions...

6.8CVSS8.8AI score0.00194EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/10/04 10:30 a.m.12 views

CVE-2023-25788 WordPress Saphali Woocommerce Lite Plugin <= 1.8.13 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Saphali Saphali Woocommerce Lite plugin = 1.8.13 versions...

6.3CVSS7.4AI score0.00194EPSS
Exploits0References1
CVE
CVEadded 2023/10/04 10:30 a.m.61 views

CVE-2023-25788

CVE-2023-25788 is a CSRF vulnerability in the Saphali Woocommerce Lite WordPress plugin, affected versions

8.8CVSS7.5AI score0.00194EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/10/04 10:30 a.m.13 views

CVE-2023-25788 WordPress Saphali Woocommerce Lite Plugin <= 1.8.13 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Saphali Saphali Woocommerce Lite plugin = 1.8.13 versions...

6.3CVSS9AI score0.00194EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2023/10/04 12:0 a.m.4 views

PT-2023-20304 · WordPress · Saphali Woocommerce Lite

Name of the Vulnerable Software and Affected Versions: Saphali Woocommerce Lite plugin versions = 1.8.13 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is...

8.8CVSS8.8AI score0.00194EPSS
Exploits0References5
CNNVD
CNNVDadded 2023/10/04 12:0 a.m.4 views

WordPress Plugin Saphali Woocommerce Lite Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin Saphali...

8.8CVSS6.5AI score0.00194EPSS
Exploits0References2
Patchstack
Patchstackadded 2023/07/26 12:0 a.m.7 views

WordPress Saphali Woocommerce Lite Plugin <= 1.8.13 is vulnerable to Cross Site Request Forgery (CSRF)

Software Saphali Woocommerce Lite Type Plugin Vulnerable versions = 1.8.13 Fixed in 1.9.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25788 Patch priority Low CVSS severity Low 6.3 Developer Claim ownership PSID 146a399c384d Credits Mika...

8.8CVSS6.6AI score0.00194EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Stormadded 2018/12/22 12:0 a.m.52 views

WordPress Saphali-Customer-Reviews 5.0.2 Shell Upload

Exploit Title : WordPress Saphali-Customer-Reviews Plugins 5.0.2 Remote Shell Upload Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 22/12/2018 Vendor Homepage : wordpress.org saphali.com Software Download Link : saphali.com/wordpress-plugin-reviews...

7.4AI score
Exploits0
Rows per page
Query Builder