cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-7294,https://securityvulnerability.io/vulnerability/CVE-2023-7294,Unauthorized Data Modification Vulnerability in Mollie Payment Forms & Donations Plugin,"The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the create_mollie_profile function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-level access to create a mollie payment profile.",Wordpress,Paytium: Mollie Payment Forms & Donations,6.5,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-10-16T06:43:46.535Z,0
CVE-2023-7293,https://securityvulnerability.io/vulnerability/CVE-2023-7293,Unauthorized Access to Mollie Account Details in Paytium Plugin,"The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the check_mollie_account_details function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-level access to verify the existence of a mollie account.",Wordpress,Paytium: Mollie Payment Forms & Donations,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-10-16T06:43:46.043Z,0
CVE-2023-7292,https://securityvulnerability.io/vulnerability/CVE-2023-7292,Unauthorized Notification Dismissal Vulnerability in Paytium Mollie Plugin,"The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized notification dismissal due to a missing capability check on the paytium_notice_dismiss function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-level access to dismiss admin notices.",Wordpress,Paytium: Mollie Payment Forms & Donations,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-10-16T06:43:45.569Z,0
CVE-2023-7291,https://securityvulnerability.io/vulnerability/CVE-2023-7291,Unauthorized Data Modification Vulnerability in Paytium's Mollie Plugin,"The Mollie payment forms & donations plugin by Paytium for WordPress suffers from a vulnerability that allows unauthorized modification of data. This issue stems from a lack of capability checks in the create_mollie_account function, enabling authenticated attackers with subscriber-level access to create a mollie account. This presents a significant security risk as it could lead to unauthorized changes to payment information and potentially impact financial transactions.",Wordpress,Paytium: Mollie Payment Forms & Donations,8.1,HIGH,0.0005000000237487257,false,,false,false,false,,false,false,2024-10-16T06:43:43.626Z,0
CVE-2023-7290,https://securityvulnerability.io/vulnerability/CVE-2023-7290,Unauthorized Access to Data Vulnerability in Mollie Plugin,"The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the check_for_verified_profiles function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-level access to check profile statuses.",Wordpress,Paytium: Mollie Payment Forms & Donations,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-10-16T06:43:41.271Z,0
CVE-2023-7289,https://securityvulnerability.io/vulnerability/CVE-2023-7289,Unauthorized API Key Update Vulnerability in Paytium's Mollie Plugin,"The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized API key update due to a missing capability check on the paytium_sw_save_api_keys function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-level access to change plugin API keys.",Wordpress,Paytium: Mollie Payment Forms & Donations,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-10-16T06:43:39.840Z,0
CVE-2023-7288,https://securityvulnerability.io/vulnerability/CVE-2023-7288,Unauthorized Data Modification Vulnerability in Paytium's Mollie Plugin,"The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the update_profile_preference function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-level access to change plugin settings.",Wordpress,Paytium: Mollie Payment Forms & Donations,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-10-16T06:43:26.248Z,0
CVE-2023-7287,https://securityvulnerability.io/vulnerability/CVE-2023-7287,Unauthorized Subscription Cancellation Vulnerability Affects Paytium's Mollie Plugin,"The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized subscription cancellation due to a missing capability check on the pt_cancel_subscription function in versions up to, and including, 4.3.7. This makes it possible for authenticated attackers with subscriber-level access to cancel a subscription to the plugin.",Wordpress,Paytium: Mollie Payment Forms & Donations,5.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,false,false,2024-10-16T06:43:24.306Z,0
CVE-2022-4042,https://securityvulnerability.io/vulnerability/CVE-2022-4042,Paytium < 4.3.7 - Admin+ Stored XSS,"The Paytium: Mollie payment forms & donations WordPress plugin before 4.3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",Wordpress,Paytium: Mollie Payment Forms & Donations,4.8,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2022-12-26T12:27:59.379Z,0