Wpeasypay Wp Easypay

Do you want an email whenever new security vulnerabilities are reported in Wpeasypay Wp Easypay?

By the Year

In 2024 there have been 0 vulnerabilities in Wpeasypay Wp Easypay . Last year Wp Easypay had 4 security vulnerabilities published. Right now, Wp Easypay is on track to have less security vulnerabilities in 2024 than it did last year.

Year	Vulnerabilities	Average Score
2024	0	0.00
2023	4	6.40
2022	0	0.00
2021	0	0.00
2020	0	0.00
2019	0	0.00
2018	0	0.00

It may take a day or so for new Wp Easypay vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Wpeasypay Wp Easypay Security Vulnerabilities

The WP EasyPay WordPress plugin before 4.1 does not escape some generated URLs before outputting them back in pages, leading to Reflected Cross-Site Scripting issues

CVE-2023-1465 6.1 - Medium - August 16, 2023

The WP EasyPay WordPress plugin before 4.1 does not escape some generated URLs before outputting them back in pages, leading to Reflected Cross-Site Scripting issues which could be used against high privilege users such as admin

XSS

The WP EasyPay Square for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to

CVE-2021-4411 4.3 - Medium - July 12, 2023

The WP EasyPay Square for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the wpep_download_transaction_in_excel() function. This makes it possible for unauthenticated attackers to trigger a transactions download via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Session Riding

REJECT CVE split into individual CVE IDs for each software record.

CVE-2021-4342 - June 07, 2023

** REJECT ** CVE split into individual CVE IDs for each software record.

Cross-Site Request Forgery (CSRF) vulnerability in WP Easy Pay WP EasyPay Square for WordPress plugin <= 4.1 versions.

CVE-2022-47177 8.8 - High - May 25, 2023

Cross-Site Request Forgery (CSRF) vulnerability in WP Easy Pay WP EasyPay Square for WordPress plugin <= 4.1 versions.

Session Riding

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Wpeasypay Wp Easypay or by Wpeasypay? Click the Watch button to subscribe.

Wpeasypay
Vendor

Wpeasypay Wp Easypay
Product

By the Year

Recent Wpeasypay Wp Easypay Security Vulnerabilities

The WP EasyPay WordPress plugin before 4.1 does not escape some generated URLs before outputting them back in pages, leading to Reflected Cross-Site Scripting issues CVE-2023-1465 6.1 - Medium - August 16, 2023

The WP EasyPay Square for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to CVE-2021-4411 4.3 - Medium - July 12, 2023

** REJECT ** CVE split into individual CVE IDs for each software record. CVE-2021-4342 - June 07, 2023

Cross-Site Request Forgery (CSRF) vulnerability in WP Easy Pay WP EasyPay Square for WordPress plugin <= 4.1 versions. CVE-2022-47177 8.8 - High - May 25, 2023