Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paypal vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2015-9233
The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin prior to 1.1.6 for WordPress has CSRF with resultant XSS, related to cp_contactformpp.php and cp_contactformpp_admin_int_list.inc.php.
Codepeople Cp Contact Form With Paypal
NA
CVE-2006-6034
Multiple SQL injection vulnerabilities in SitesOutlet E-commerce Kit-1 PayPal Edition allow remote malicious users to execute arbitrary SQL commands via the (1) keyword or (2) cid parameter in (a) catalogue.asp, or the (3) pid parameter in (b) viewDetail.asp.
Sitesoutlet E-commerce Kit-1 Paypal Edition
NA
CVE-2012-5806
The PayPal Payments Pro module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary ...
Paypal Payments Pro -
Zen-cart Zen Cart -
5.4
CVSSv3
CVE-2022-4672
The WordPress Simple Shopping Cart WordPress plugin prior to 4.6.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which...
Tipsandtricks-hq Wordpress Simple Paypal Shopping Cart
NA
CVE-2012-5798
The PayPal Pro PayFlow EC module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitr...
Paypal Payflow Pro Express Checkout -
Oscommerce Oscommerce -
5.3
CVSSv3
CVE-2023-1431
The WP Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.6.3 due to the plugin saving shopping cart data exports in a publicly accessible location (/wp-content/plugins/wordpress-simple-paypal-shopping-car...
Tipsandtricks-hq Wordpress Simple Paypal Shopping Cart
4.8
CVSSv3
CVE-2023-6497
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the automatic redirect URL setting in all versions up to and including 4.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...
Tipsandtricks-hq Wordpress Simple Paypal Shopping Cart
5.4
CVSSv3
CVE-2023-0275
The Easy Accept Payments for PayPal WordPress plugin prior to 4.9.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Store...
Tipsandtricks-hq Easy Accept Payments For Paypal
8.8
CVSSv3
CVE-2019-5992
Cross-site request forgery (CSRF) vulnerability in WordPress Ultra Simple Paypal Shopping Cart v4.4 and previous versions allows remote malicious users to hijack the authentication of administrators via unspecified vectors.
Ultra-prod Wordpress Ultra Simple Paypal Shopping Cart
NA
CVE-2012-5797
The PayPal Pro PayFlow module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary...
Brian Burton Paypal Pro Payflow Module -
Oscommerce Oscommerce -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »