Vulnerabilities > Alipay Project > Alipay

DATE CVE VULNERABILITY TITLE RISK
2021-09-06 CVE-2021-24390 SQL Injection vulnerability in Alipay Project Alipay
A proid GET parameter of the WordPress???Alipay|???Tenpay|??PayPal???? WordPress plugin through 3.7.2 is not sanitised, properly escaped or validated before inserting to a SQL statement not delimited by quotes, leading to SQL injection.
network
low complexity
alipay-project CWE-89
7.2
2014-10-21 CVE-2014-4514 Cross-Site Scripting vulnerability in Alipay Project Alipay 3.6.0
Cross-site scripting (XSS) vulnerability in includes/api_tenpay/inc.tenpay_notify.php in the Alipay plugin 3.6.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to the getDebugInfo function.
4.3