Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
20 results
The Netcash WooCommerce Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_return_url function in all versions up t
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Missing Authorization in all versions up
The SureForms – Contact Form, Payment Form & Other Custom Form Builder plugin for WordPress is vulnerable to Payment Amount Bypass in all versions up to, and including, 2.5.2. This is due to the creat
The Campay Woocommerce Payment Gateway plugin for WordPress is vulnerable to Unauthenticated Payment Bypass in all versions up to, and including, 1.2.2. This is due to the plugin not properly validati
The CP Image Store with Slideshow plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.9 due to a logic error in the 'cpis_admin_init' function's permis
The Rupantorpay plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_webhook() function in all versions up to, and including, 2.0.0.
The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.9.0 via the file parameter. This makes it possible for unauthenticated attackers to read
Generation of Error Message Containing Sensitive Information vulnerability in paytiumsupport Paytium paytium allows Retrieve Embedded Sensitive Data.This issue affects Paytium: from n/a through <= 4.4
CVE-2024-6205
CRITICAL CVSS 9.8
Find Similar
The PayPlus Payment Gateway WordPress plugin before 6.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement via a WooCommerce API route available to unauthenticated
Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce <= 2.2.5 versions.
The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the download_data action in all versions up to, and including, 2.1.14. This m
The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due to insufficient verification of data authenticity in all versions up to, and including, 5.1.2. This is
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to unauthorized membership payment bypass i
The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the process_wbelps_promo_form() function in all versions up to,
The LearnDash LMS – Reports plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions (i.e. wrld_set_configuration, wrld_exclude_se
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to payment bypass due to insufficient verification of data authenticity
The WP Service Payment Form With Authorize.net plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 2.6.3 due to insuffic
The Demo Awesome plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the install_plugin function in all versions up to, and including, 1.0.3. T
The MoneySpace plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.13.9. This is due to the plugin storing full payment card details (PAN, card
The Event Tickets and Registration plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 5.26.5. This is due to the /wp-json/tribe/tickets/v1/commerce/free/order e
← Previous Page 5