ByteOS Network

GetPaid

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2026-49064

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.5||HIGH

EPSS-0.24% / 14.59%

7 Day CHG-0.01%

Published-15 Jun, 2026 | 13:01

Updated-15 Jun, 2026 | 15:10

WordPress GetPaid plugin <= 2.8.49 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Stiofan GetPaid allows Retrieve Embedded Sensitive Data. This issue affects GetPaid: from n/a through 2.8.49.

Vendor-Stiofan

Product-GetPaid

CWE ID-CWE-201

Insertion of Sensitive Information Into Sent Data

CVE-2024-43973

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-4.3||MEDIUM

EPSS-0.46% / 36.65%

7 Day CHG~0.00%

Published-01 Nov, 2024 | 14:17

Updated-28 Apr, 2026 | 16:10

WordPress GetPaid plugin <= 2.8.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in Stiofan GetPaid invoicing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through <= 2.8.11.

Vendor-ayecode Stiofan

Product-getpaid GetPaid

CWE ID-CWE-862

Missing Authorization