Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4
CVE-2024-7353
- EPSS 0.29%
- Veröffentlicht 07.08.2024 12:15:36
- Zuletzt bearbeitet 07.08.2024 15:17:46
The Accept Stripe Payments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's accept_stripe_payment_ng shortcode in all versions up to, and including, 2.0.86 due to insufficient input sanitization and output escaping o...
5.3
CVE-2023-48285
- EPSS 0.25%
- Veröffentlicht 04.06.2024 11:15:48
- Zuletzt bearbeitet 21.11.2024 08:31:24
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Tips and Tricks HQ Stripe Payments allows Code Injection.This issue affects Stripe Payments: from n/a through 2.0.79.
4.8
CVE-2022-2194
- EPSS 0.2%
- Veröffentlicht 17.07.2022 11:15:09
- Zuletzt bearbeitet 21.11.2024 07:00:31
The Accept Stripe Payments WordPress plugin before 2.0.64 does not sanitize and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
1