13 matches found
CVE-2026-39366
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the PayPal IPN v1 handler at plugin/PayPalYPT/ipn.php lacks transaction deduplication, allowing an attacker to replay a single legitimate IPN notification to repeatedly inflate their wallet balance and renew subscriptions...
WWBN AVideo Affected by a PayPal IPN Replay Attack Enabling Wallet Balance Inflation via Missing Transaction Deduplication in ipn.php
Summary The PayPal IPN v1 handler at plugin/PayPalYPT/ipn.php lacks transaction deduplication, allowing an attacker to replay a single legitimate IPN notification to repeatedly inflate their wallet balance and renew subscriptions. The newer ipnV2.php and webhook.php handlers correctly deduplicate...
CVE-2026-39366
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the PayPal IPN v1 handler at plugin/PayPalYPT/ipn.php lacks transaction deduplication, allowing an attacker to replay a single legitimate IPN notification to repeatedly inflate their wallet balance and renew subscriptions...
EUVD-2025-17175
Malicious code in bioql PyPI...
CVE-2025-28984
Cross-Site Request Forgery CSRF vulnerability in storepro Subscription Renewal Reminders for WooCommerce subscriptions-renewal-reminders allows Cross Site Request Forgery.This issue affects Subscription Renewal Reminders for WooCommerce: from n/a through = 1.4.1...
CVE-2025-28984
Cross-Site Request Forgery CSRF vulnerability in storepro Subscription Renewal Reminders for WooCommerce subscriptions-renewal-reminders allows Cross Site Request Forgery.This issue affects Subscription Renewal Reminders for WooCommerce: from n/a through = 1.4.1...
CVE-2025-28984 WordPress Subscription Renewal Reminders for WooCommerce plugin <= 1.3.7 - Cross Site Request Forgery to Notice Dismissal vulnerability
Cross-Site Request Forgery CSRF vulnerability in storepro Subscription Renewal Reminders for WooCommerce allows Cross Site Request Forgery. This issue affects Subscription Renewal Reminders for WooCommerce: from n/a through 1.3.7...
CVE-2025-28984
CVE-2025-28984 is a CSRF vulnerability in the WordPress plugin Subscription Renewal Reminders for WooCommerce (affecting versions up to 1.3.7). The Wordfence data indicates a Medium severity (CVSSv3.1/3.1: 4.3) with network attacker, no privileges required, and user interaction required. Reported...
CVE-2025-28984 WordPress Subscription Renewal Reminders for WooCommerce plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in storepro Subscription Renewal Reminders for WooCommerce subscriptions-renewal-reminders allows Cross Site Request Forgery.This issue affects Subscription Renewal Reminders for WooCommerce: from n/a through = 1.4.1...
PT-2025-24131 · Woocommerce · Subscription Renewal Reminders For Woocommerce
Name of the Vulnerable Software and Affected Versions: Subscription Renewal Reminders for WooCommerce versions 1.3.7 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows for Cross Site Request Forgery. This means an attacker can trick a user into...
WordPress plugin Subscription Renewal Reminders for WooCommerce 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress Subscription Renewal Reminders for WooCommerce plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Subscription Renewal Reminders for WooCommerce versions = 1.4.1...
Studio Console Shows "Enable DaaS" for First Time Use
Citrix DaaS customers encounter the following message indicating their service needs to be enabled for one of the following reasons: 1 DaaS must be enabled for first time use 2 DaaS is disabled due to inactivity 3 DaaS subscription licenses are updated renewal or net new...