5 matches found
CVE-2025-23804
Cross-Site Request Forgery CSRF vulnerability in Shiv Prakash Tiwari WP Service Payment Form With Authorize.net wp-service-payment-form-with-authorizenet allows Reflected XSS.This issue affects WP Service Payment Form With Authorize.net: from n/a through = 2.6.0...
EUVD-2025-3436
Malicious code in bioql PyPI...
CVE-2025-23804
Cross-Site Request Forgery CSRF vulnerability in Shiv Prakash Tiwari WP Service Payment Form With Authorize.net wp-service-payment-form-with-authorizenet allows Reflected XSS.This issue affects WP Service Payment Form With Authorize.net: from n/a through = 2.6.0...
CVE-2025-23804
CVE-2025-23804 is a CSRF vulnerability in the WordPress plugin WP Service Payment Form With Authorize.net that can enable a Reflected XSS . The Red Hat advisory reiterates the same CVE and describes the flaw as CSRF affecting the plugin up to version 2.6.0 . The base metrics list a CVSS v3.1 scor...
CVE-2024-12258
CVE-2024-12258 — The WordPress plugin WP Service Payment Form With Authorize.net is vulnerable to Reflected Cross-Site Scripting via the page parameter in all versions up to 2.6.3 due to insufficient input sanitization and output escaping. The issue permits unauthenticated attackers to inject mal...