Skip to main content

Paypal Pro

2 CVEs product

Monthly

CVE-2020-14092 CRITICAL POC THREAT Act Now

The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress SQLi Paypal Pro
NVD
CVSS 3.1
9.8
EPSS
94.5%
CVE-2012-5796 MEDIUM POC This Month

The PayPal Pro module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Oscommerce Paypal Pro
NVD
CVSS 2.0
5.8
EPSS
0.1%
EPSS 95% CVSS 9.8
CRITICAL POC THREAT Act Now

The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress SQLi Paypal Pro
NVD
EPSS 0% CVSS 5.8
MEDIUM POC This Month

The PayPal Pro module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Oscommerce Paypal Pro
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy