| CVE-2025-27003 | WordPress Quick Paypal Payments Plugin <= 5.7.46 - Cross Site Request Forgery (CSRF) vulnerability | fullworks | Quick Paypal Payments | Medium | 4.3 | 2025-09-05 16:18:21 | Deep Dive |
| CVE-2025-58634 | WordPress PeachPay Payments Plugin <= 1.117.4 - Broken Access Control Vulnerability | peachpay | PeachPay Payments | Medium | 5.3 | 2025-09-03 14:36:56 | Deep Dive |
| CVE-2025-8102 | Easy Digital Downloads <= 3.5.0 - Cross-Site Request Forgery to Plugin Deactivation via edd_sendwp_disconnect and edd_sendwp_remote_install Functions | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.4 | 2025-08-20 11:26:10 | Deep Dive |
| CVE-2025-7653 | EPay.bg Payments <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | vloo | EPay.bg Payments | Medium | 6.4 | 2025-07-19 02:22:59 | Deep Dive |
| CVE-2025-53569 | WordPress Trust Payments Gateway for WooCommerce (JavaScript Library) plugin <= 1.3.6 - Cross Site Request Forgery (CSRF) Vulnerability | Trust Payments | Trust Payments Gateway for WooCommerce (JavaScript Library) | Medium | 4.3 | 2025-07-04 08:42:03 | Deep Dive |
| CVE-2025-39362 | WordPress Mollie Payments for WooCommerce plugin <= 8.0.2 - Insecure Direct Object References (IDOR) vulnerability | Mollie | Mollie Payments for WooCommerce | Medium | 6.5 | 2025-07-02 10:59:06 | Deep Dive |
| CVE-2025-53322 | WordPress Accept Authorize.NET Payments Using Contact Form 7 plugin <= 2.5 - Sensitive Data Exposure Vulnerability | ZealousWeb | Accept Authorize.NET Payments Using Contact Form 7 | Medium | 5.3 | 2025-06-27 13:21:39 | Deep Dive |
| CVE-2025-53309 | WordPress Accept Stripe Payments Using Contact Form 7 plugin <= 3.0 - Sensitive Data Exposure Vulnerability | ZealousWeb | Accept Stripe Payments Using Contact Form 7 | Medium | 5.3 | 2025-06-27 13:21:33 | Deep Dive |
| CVE-2025-53288 | WordPress PlatiOnline Payments plugin <= 7.0.0 - Broken Access Control vulnerability | Adrian Ladó | PlatiOnline Payments | Medium | 4.3 | 2025-06-27 13:21:24 | Deep Dive |
| CVE-2025-48141 | WordPress Multi CryptoCurrency Payments plugin <= 2.0.7 - SQL Injection Vulnerability | Alex Zaytseff | Multi CryptoCurrency Payments | Critical | 9.3 | 2025-06-09 15:53:59 | Deep Dive |
| CVE-2025-4670 | Easy Digital Downloads <= 3.3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via edd_receipt Shortcode | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 6.4 | 2025-05-29 08:22:03 | Deep Dive |
| CVE-2025-39563 | WordPress Conditional Payments for WooCommerce plugin <= 3.3.0 - Cross Site Request Forgery (CSRF) Vulnerability | WP Trio | Conditional Payments for WooCommerce | Medium | 6.5 | 2025-04-16 12:44:33 | Deep Dive |
| CVE-2025-32601 | WordPress Twispay Credit Card Payments Plugin <= 2.1.2 - Reflected Cross Site Scripting (XSS) vulnerability | twispay | Twispay Credit Card Payments | High | 7.1 | 2025-04-11 08:42:59 | Deep Dive |
| CVE-2025-32119 | WordPress CardGate Payments for WooCommerce plugin <= 3.2.1 - SQL Injection vulnerability | CardGate | CardGate Payments for WooCommerce | - | - | 2025-04-10 08:09:42 | Deep Dive |
| CVE-2025-2883 | Accept SagePay Payments Using Contact Form 7 <= 2.0 - Unauthenticated Information Exposure | zealopensource | Accept SagePay Payments Using Contact Form 7 | Medium | 5.3 | 2025-04-08 09:21:20 | Deep Dive |
| CVE-2025-22767 | WordPress GlobalPayments WooCommerce Plugin <= 1.13.2 - Reflected Cross Site Scripting (XSS) vulnerability | Global Payments | GlobalPayments WooCommerce | High | 7.1 | 2025-03-28 15:12:26 | Deep Dive |
| CVE-2025-28942 | WordPress Trust Payments Gateway for WooCommerce plugin <= 1.1.4 - SQL Injection vulnerability | Trust Payments | Trust Payments Gateway for WooCommerce | Critical | 9.3 | 2025-03-26 14:24:26 | Deep Dive |
| CVE-2025-2252 | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy <= 3.3.6.1 - Unauthenticated Private Post Title Disclosure | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.3 | 2025-03-25 07:04:55 | Deep Dive |
| CVE-2024-11895 | Online Payments – Get Paid with PayPal, Square & Stripe <= 3.20.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | vcita | Online Payments – Get Paid with PayPal, Square & Stripe | Medium | 6.4 | 2025-02-18 07:28:13 | Deep Dive |
| CVE-2025-22661 | WordPress Online Payments plugin <= 3.20.0 - Cross Site Scripting (XSS) vulnerability | vcita | Online Payments – Get Paid with PayPal, Square & Stripe | Medium | 6.5 | 2025-01-21 17:21:51 | Deep Dive |