cleantalk
Vulnerabilities and Security Researches

Simple Payment, CVE-2024-54303

CVE, Research URL

CVE-2024-54303

Home page URL

Security reports for Simple Payment

Application

Simple Payment

Published on
Dec 13, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ido Kobelkowsky / yalla ya! Simple Payment allows Reflected XSS.This issue affects Simple Payment: from n/a through 2.3.7.
Affected versions
max 2.3.7.
Status
vulnerable
Previous vulnerability researches
Simple Payment (CVE-2025-62076) , Nov 11, 2025
Simple Payment (CVE-2025-62075) , Nov 11, 2025
Simple Payment (CVE-2025-6688) , Jun 29, 2025
Simple Payment (CVE-2024-54303) , Dec 15, 2024
New vulnerability
JB News Ticker (CVE-2025-11804) , Nov 11, 2025
My auctions allegro (CVE-2025-10048) , Nov 11, 2025
Sertifier Certificates & Open Badges – Tutor LMS (CVE-2025-53214) , Nov 11, 2025
Toast Mobile Menu – PageSpeed Insights Friendly (CVE-2025-53238) , Nov 11, 2025
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2025-9322) , Nov 11, 2025