Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
automattic woopayments vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-28121
An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated malicious user to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated malicious user to gain admin access on a site that h...
Automattic Woocommerce Payments
Automattic Woopayments
Automattic Woopayments 4.9.0
Automattic Woopayments 5.3.0
Automattic Woopayments 5.4.0
4 Github repositories
5.4
CVSSv3
CVE-2023-49828
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo allows Stored XSS.This issue affects WooPayments – Fully Integrated Solution B...
Automattic Woopayments
7.5
CVSSv3
CVE-2023-51503
Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a up to and including 6.9.2.
Automattic Woopayments
9.8
CVSSv3
CVE-2023-35915
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported...
Automattic Woopayments
7.5
CVSSv3
CVE-2023-35916
Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a up to and including 5.9.0.
Automattic Woopayments
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started