Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The Japanized for WooCommerce plugin for WordPress is vulnerable to Improper Authentication in versions up to, and including, 2.8.4. This is due to a flawed permission check in the `paidy_webhook_perm
The Eupago Gateway For Woocommerce WordPress plugin before 4.7.2 does not properly restrict access to its refund request handler, allowing unauthenticated attackers to initiate refunds against any Woo
The BlueSnap Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.4.0. This is due to the plugin relying on WooCommerce's
The WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.8.2, due to improper CORS handling on the Store API's REST endpoints allowing d
The Crypto Payment Gateway with Payeer for WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 1.0.3. This is due to the plugin not properly verifyin
The ECPay Ecommerce for WooCommerce plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'clear_ecpay_debug_log' AJAX action in all versions up to,
Missing Authorization vulnerability in knitpay UPI QR Code Payment Gateway for WooCommerce upi-qr-code-payment-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.T
Missing Authorization vulnerability in Eupago Eupago Gateway For Woocommerce eupago-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects E
Missing Authorization vulnerability in PayPal PayPal Brasil para WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PayPal Brasil para WooCommerce:
The MoneySpace plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.13.9. This is due to the plugin storing full payment card details (PAN, card
The Riaxe Product Customizer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4 via the '/wp-json/InkXEProductDesignerLite/orders' REST API
The WooCommerce - PDF Vouchers plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.9.3. This is due to insufficient verification on the user being supplied
Missing Authorization vulnerability in Virtuaria Virtuaria PagBank / PagSeguro para Woocommerce virtuaria-pagseguro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue a
The Cryptocurrency Payment Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handle_optin_optout' function in al
The PayHere Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to an improper validation logic in the check_payhere_response function in
The PeachPay — Payments & Express Checkout for WooCommerce (supports Stripe, PayPal, Square, Authorize.net, NMI) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,
Missing Authorization vulnerability in Payment Plugins Payment Plugins for PayPal WooCommerce pymntpl-paypal-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This is
Missing Authorization vulnerability in BitPay BitPay Checkout for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BitPay Checkout for WooCommerce
The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'save_settings', 'export_csv'
The WhatsOrder – Instant Checkout for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.1 via the yapacdev_generate_order_pdf.