| CVE-2024-9222 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.12.8 - Reflected Cross-Site Scripting | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Medium | 6.1 | 2024-10-02 07:35:28 | Deep Dive |
| CVE-2022-2439 | Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 3.3.3 - Authenticated (Admin+) PHAR Deserialization | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | High | 7.2 | 2024-09-24 03:06:39 | Deep Dive |
| CVE-2024-6448 | Mollie Payments for WooCommerce <= 7.7.0 - Unauthenticated Full Path Disclosure | mollieintegration | Mollie Payments for WooCommerce | Medium | 5.3 | 2024-08-28 03:27:28 | Deep Dive |
| CVE-2024-43316 | WordPress Stripe Payments For WooCommerce plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability | Checkout Plugins | Stripe Payments For WooCommerce by Checkout | Medium | 4.3 | 2024-08-26 20:36:44 | Deep Dive |
| CVE-2024-43315 | WordPress Stripe Payments For WooCommerce plugin <= 1.9.1 - Insecure Direct Object References (IDOR) vulnerability | Checkout Plugins | Stripe Payments For WooCommerce by Checkout | High | 7.5 | 2024-08-18 21:32:22 | Deep Dive |
| CVE-2024-6692 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Agreement Text | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Low | 3.3 | 2024-08-10 02:01:23 | Deep Dive |
| CVE-2024-6691 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Currency Settings | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 4.4 | 2024-08-10 02:01:20 | Deep Dive |
| CVE-2024-7353 | Accept Stripe Payments <= 2.0.86 - Authenticated (Contributor+) Stored Cross-Site Scripting via accept_stripe_payment_ng Shortcode | mra13 | Accept Stripe Payments | Medium | 5.4 | 2024-08-07 11:30:53 | Deep Dive |
| CVE-2024-3934 | Mercado Pago payments for WooCommerce 7.3.0 - 7.6.1 - Authenticated (Subscriber+) Arbitrary File Download | claudiosanches | Mercado Pago payments for WooCommerce | Medium | 6.5 | 2024-07-20 03:20:31 | Deep Dive |
| CVE-2023-48285 | WordPress Accept Stripe Payments plugin <= 2.0.79 - Content Injection vulnerability | Tips and Tricks HQ | Stripe Payments | Medium | 5.3 | 2024-06-04 10:23:00 | Deep Dive |
| CVE-2024-30527 | WordPress WP Express Checkout plugin <= 2.3.7 - Price Manipulation vulnerability | Tips and Tricks HQ | WP Express Checkout (Accept PayPal Payments) | High | 7.5 | 2024-05-17 08:21:00 | Deep Dive |
| CVE-2024-33591 | WordPress Easy Accept Payments for PayPal plugin <= 4.9.10 - Broken Access Control vulnerability | Tips and Tricks HQ | Easy Accept Payments | High | 7.5 | 2024-04-29 10:10:53 | Deep Dive |
| CVE-2024-2302 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.2.9 - Sensitive Information Exposure | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.3 | 2024-04-09 18:58:30 | Deep Dive |
| CVE-2024-30477 | WordPress Klarna Payments for WooCommerce plugin <= 3.2.4 - Broken Access Control vulnerability | klarna | Klarna Payments for WooCommerce | Medium | 5.3 | 2024-03-29 16:01:17 | Deep Dive |
| CVE-2024-25922 | WordPress Peach Payments Gateway plugin <= 3.1.9 - Broken Access Control vulnerability | Peach Payments | Peach Payments Gateway | Medium | 5.4 | 2024-03-21 17:33:39 | Deep Dive |
| CVE-2023-6090 | WordPress Mollie Payments for WooCommerce Plugin <= 7.3.11 is vulnerable to Arbitrary File Upload | Mollie | Mollie Payments for WooCommerce | Critical | 9.1 | 2024-02-29 05:23:57 | Deep Dive |
| CVE-2024-1389 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via pms_stripe_connect_handle_authorization_return | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Medium | 5.3 | 2024-02-20 18:56:46 | Deep Dive |
| CVE-2024-1390 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via creating_pricing_table_page | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Medium | 4.3 | 2024-02-20 18:56:20 | Deep Dive |
| CVE-2024-0659 | Easy Digital Downloads <= 3.2.6 - Authenticated(Shop Manager+) Stored Cross-Site Scripting via variable pricing options | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.5 | 2024-02-05 21:21:36 | Deep Dive |
| CVE-2023-51684 | WordPress Easy Digital Downloads Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS) | Easy Digital Downloads | Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) | Medium | 6.5 | 2024-02-01 10:34:37 | Deep Dive |