Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paypal paypal vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2019-7441
cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it ...
Woocommerce Paypal Checkout Payment Gateway 1.6.8
1 EDB exploit
NA
CVE-2023-0275
The Easy Accept Payments for PayPal WordPress plugin prior to 4.9.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Store...
Tipsandtricks-hq Easy Accept Payments For Paypal
NA
CVE-2023-6497
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the automatic redirect URL setting in all versions up to and including 4.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...
Tipsandtricks-hq Wordpress Simple Paypal Shopping Cart
5.8
CVSSv2
CVE-2012-5798
The PayPal Pro PayFlow EC module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitr...
Paypal Payflow Pro Express Checkout -
Oscommerce Oscommerce -
NA
CVE-2022-4672
The WordPress Simple Shopping Cart WordPress plugin prior to 4.6.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which...
Tipsandtricks-hq Wordpress Simple Paypal Shopping Cart
NA
CVE-2023-1431
The WP Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.6.3 due to the plugin saving shopping cart data exports in a publicly accessible location (/wp-content/plugins/wordpress-simple-paypal-shopping-car...
Tipsandtricks-hq Wordpress Simple Paypal Shopping Cart
5.8
CVSSv2
CVE-2012-5806
The PayPal Payments Pro module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary ...
Zen-cart Zen Cart -
Paypal Payments Pro -
5.8
CVSSv2
CVE-2012-5805
The PayPal IPN functionality in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary va...
Zen-cart Zen Cart -
Paypal Instant Payment Notification -
5
CVSSv2
CVE-2015-5065
Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Currency Converter Basic For WooCommerce plugin prior to 1.4 for WordPress allows remote malicious users to read arbitrary files via a full pathname in the requrl parameter.
Intelligent-it Paypal Currency Converter Basic For Woocommerce
1 EDB exploit
6.8
CVSSv2
CVE-2019-5992
Cross-site request forgery (CSRF) vulnerability in WordPress Ultra Simple Paypal Shopping Cart v4.4 and previous versions allows remote malicious users to hijack the authentication of administrators via unspecified vectors.
Ultra-prod Wordpress Ultra Simple Paypal Shopping Cart
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »