cleantalk
Vulnerabilities and Security Researches

WP EasyPay – Square for WordPress, CVE-2024-5861

CVE, Research URL

CVE-2024-5861

Home page URL

Security reports for WP EasyPay – Square for WordPress

Application

WP EasyPay – Square for WordPress

Published on
Jul 24, 2024
Research Description
The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the wpep_square_disconnect() function in all versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to disconnect square.
Affected versions
max 4.2.4.
Status
vulnerable
Previous vulnerability researches
WP EasyPay – Square for WordPress (CVE-2026-32587) , Mar 30, 2026
WP EasyPay – Square for WordPress (CVE-2022-4974) , Nov 15, 2024
WP EasyPay – Square for WordPress (206aa8b706721ec996e1673c01a3d16da642fd74) , Jun 07, 2024
WP EasyPay – Square for WordPress (CVE-2022-47177) , Jun 07, 2024
WP EasyPay – Square for WordPress (CVE-2021-4411) , Jun 07, 2024
New vulnerability
Gallery Block (Meow Gallery) (CVE-2026-32418) , Mar 30, 2026
Master Addons for Elementor (CVE-2026-32462) , Mar 30, 2026
Elementor Addon Elements (CVE-2026-28131) , Mar 30, 2026
PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes (CVE-2026-32539) , Mar 30, 2026
Kargo Takip (CVE-2026-25365) , Mar 30, 2026