Getpaid
by Ayecode
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-43973 | Med | 0.28 | 4.3 | 0.00 | Nov 1, 2024 | Missing Authorization vulnerability in Stiofan GetPaid invoicing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through <= 2.8.11. | ||
| CVE-2021-24369 | 0.00 | — | 0.01 | Jun 21, 2021 | In the GetPaid WordPress plugin before 2.3.4, users with the contributor role and above can create a new Payment Form, however the Label and Help Text input fields were not getting sanitized properly. So it was possible to inject malicious content such as img tags, leading to a… |
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Stiofan GetPaid invoicing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through <= 2.8.11.
- CVE-2021-24369Jun 21, 2021risk 0.00cvss —epss 0.01
In the GetPaid WordPress plugin before 2.3.4, users with the contributor role and above can create a new Payment Form, however the Label and Help Text input fields were not getting sanitized properly. So it was possible to inject malicious content such as img tags, leading to a…