Vulnerabilities in Tips and Tricks HQ
10 resultsCVE-2020-5651—SQL injection vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to execute arbitrary SQL commands via a speEPSS 1.5%CVE-2020-5650—Cross-site scripting vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to inject an arbitrary script via unEPSS 0.9%CVE-2021-20782—Cross-site request forgery (CSRF) vulnerability in Software License Manager versions prior to 4.4.6 allows remote attackers to hijack the auEPSS 0.9%CVE-2024-30527HIGHWordPress WP Express Checkout plugin <= 2.3.7 - Price Manipulation vulnerabilityEPSS 0.5%CVE-2024-33591HIGHWordPress Easy Accept Payments for PayPal plugin <= 4.9.10 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-48285MEDIUMWordPress Accept Stripe Payments plugin <= 2.0.79 - Content Injection vulnerabilityEPSS 0.3%CVE-2026-54811CRITICALWordPress WP eMember plugin < v10.9.4 - SQL Injection vulnerabilityEPSS 0.3%CVE-2026-28070MEDIUMWordPress WP eMember plugin <= v10.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-49077MEDIUMWordPress WP eMember plugin <= v10.2.2 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-28073HIGHWordPress WP eMember theme <= v10.2.2 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%