| CVE-2024-45662 | IBM Safer Payments denial of service | IBM | Safer Payments | High | 7.5 | 2025-01-18 16:19:47 | Deep Dive |
| CVE-2024-13517 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Title | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 4.4 | 2025-01-18 07:05:09 | Deep Dive |
| CVE-2024-12919 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.7 - Authentication Bypass via pms_payment_id | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Critical | 9.8 | 2025-01-14 09:21:55 | Deep Dive |
| CVE-2024-12875 | Easy Digital Downloads <= 3.3.2 - Authenticated (Admin+) Arbitrary File Download | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 4.9 | 2024-12-21 11:22:45 | Deep Dive |
| CVE-2024-11291 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.4 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Medium | 5.3 | 2024-12-18 11:09:32 | Deep Dive |
| CVE-2024-12250 | Accept Authorize.NET Payments Using Contact Form 7 <= 2.2 - Unauthenticated Information Exposure | zealopensource | Accept Authorize.NET Payments Using Contact Form 7 | Medium | 5.3 | 2024-12-18 03:22:07 | Deep Dive |
| CVE-2024-9654 | Easy Digital Downloads 3.1 - 3.3.4 - Improper Authorization to Paywall Bypass | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Low | 3.7 | 2024-12-17 11:10:19 | Deep Dive |
| CVE-2024-12265 | Web3 Cryptocurrency Payments by DePay for WooCommerce <= 2.12.17 - Missing Authorization to Information Exposure | depayfi | Web3 Crypto Payments by DePay for WooCommerce | Medium | 5.3 | 2024-12-12 05:24:24 | Deep Dive |
| CVE-2024-12255 | Accept Stripe Payments Using Contact Form 7 <= 2.5 - Unauthenticated Information Exposure | zealopensource | Accept Stripe Payments Using Contact Form 7 | Medium | 5.3 | 2024-12-12 05:24:22 | Deep Dive |
| CVE-2023-25714 | WordPress Quick Paypal Payments plugin <= 5.7.25 - Broken Access Control vulnerability | fullworks | Quick Paypal Payments | High | 7.5 | 2024-12-09 11:31:30 | Deep Dive |
| CVE-2023-48286 | WordPress Accept Stripe Payments plugin <= 2.0.79 - Broken Access Control vulnerability | mra13 | Stripe Payments | 高危 | - | 2024-12-09 11:30:31 | Deep Dive |
| CVE-2024-12257 | CardGate Payments for WooCommerce <= 3.2.1 - Reflected Cross-Site Scripting | cardgate | CardGate Payments for WooCommerce | Medium | 6.1 | 2024-12-07 01:45:51 | Deep Dive |
| CVE-2024-52474 | WordPress Express Payments plugin <= 1.1.8 - SQL Injection vulnerability | Сервис "Экспресс Платежи" | Express Payments Module | Critical | 9.3 | 2024-11-28 10:44:29 | Deep Dive |
| CVE-2024-11684 | Kudos Donations – Easy donations and payments with Mollie <= 3.2.9 - Reflected Cross-Site Scripting | iseardmedia | Kudos Donations: Easy Donations with Mollie | One-off & Recurring | PDF Invoices | Buttons & Forms | Medium | 6.1 | 2024-11-28 08:47:36 | Deep Dive |
| CVE-2024-11685 | Kudos Donations – Easy donations and payments with Mollie <= 3.2.9 - Reflected Cross-Site Scripting via 'add_query_arg' | iseardmedia | Kudos Donations: Easy Donations with Mollie | One-off & Recurring | PDF Invoices | Buttons & Forms | Medium | 6.1 | 2024-11-28 08:47:34 | Deep Dive |
| CVE-2024-11362 | Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net <= 1.112.0 - Reflected Cross-Site Scripting | peachpay | PeachPay — Payments & Express Checkout for WooCommerce (supports Stripe, PayPal, Square, Authorize.net, NMI) | Medium | 6.1 | 2024-11-23 03:25:50 | Deep Dive |
| CVE-2024-51826 | WordPress Bitcoin Payments plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability | Jandal | Bitcoin Payments | Medium | 6.5 | 2024-11-19 16:31:47 | Deep Dive |
| CVE-2024-51847 | WordPress WP PagSeguro Payments plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | giovanebribeiro | WP PagSeguro Payments | Medium | 6.5 | 2024-11-19 16:31:37 | Deep Dive |
| CVE-2024-10261 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.0 - Unauthenticated Arbitrary Shortcode Execution | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | High | 7.3 | 2024-11-09 11:19:46 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |