VYPR

The Moneytizer

by WordPress

Source repositories

CVEs (4)

  • CVE-2023-6968HigJun 6, 2024
    risk 0.46cvss 8.1epss 0.00

    The The Moneytizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.6.3. This is due to missing or incorrect nonce validation on multiple AJAX functions. This makes it possible for unauthenticated attackers to to update and…

  • CVE-2023-6966HigJun 6, 2024
    risk 0.46cvss 8.1epss 0.00

    The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX functions in the /core/core_ajax.php file in all versions up to, and including, 9.6.3. This makes it…

  • CVE-2025-62756MedDec 31, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lvaudore The Moneytizer the-moneytizer allows DOM-Based XSS.This issue affects The Moneytizer: from n/a through <= 10.0.9.

  • CVE-2024-27990MedApr 11, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Moneytizer allows Stored XSS.This issue affects The Moneytizer: from n/a through 9.5.20.