Vulnerabilities (CVE)

Filtered by vendor Alipay Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-24390 1 Alipay Project 1 Alipay 2024-02-04 6.5 MEDIUM 7.2 HIGH
A proid GET parameter of the WordPress支付�Alipay|财付通Tenpay|��PayPal集��件 WordPress plugin through 3.7.2 is not sanitised, properly escaped or validated before inserting to a SQL statement not delimited by quotes, leading to SQL injection.
CVE-2014-4514 1 Alipay Project 1 Alipay 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in includes/api_tenpay/inc.tenpay_notify.php in the Alipay plugin 3.6.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to the getDebugInfo function.