European Payment Processor Viva.com Sends Emails Without Required Message-ID Header, Blocked by Google Workspace
Viva.com, one of Europe's largest payment processors, sends verification emails without a Message-ID header — a requirement of RFC 5322 since 2008. Google Workspace rejects them outright. Their…
Read the full articleYou might also wanna read
CVE-2026-11575: CWE-862 Missing Authorization in PhonePe Payment Solutions
The PhonePe Payment Solutions WordPress plugin before version 3.1.0 contains a missing authorization vulnerability. The plugin does not prop
CVE-2026-11901: CWE-345 Insufficient Verification of Data Authenticity in thimpress WP Hotel Booking
The WP Hotel Booking plugin for WordPress contains a vulnerability in its PayPal IPN handler that allows unauthenticated attackers to mark b
CVE-2026-15286: CWE-863 Incorrect Authorization in stellarwp Kadence Blocks — Page Builder Toolkit for Gutenberg Editor
CVE-2026-15286 is a medium-severity vulnerability in the Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress. It
CVE-2026-11990: CWE-862 Missing Authorization in iqonicdesign KiviCare – Clinic & Patient Management System (EHR)
KiviCare – Clinic & Patient Management System (EHR) WordPress plugin versions up to and including 4.4.0 contain an authorization bypass vuln
CVE-2026-1667: CWE-862 Missing Authorization in cifi GEO Plugin by Squirrly SEO
The GEO Plugin by Squirrly SEO for WordPress contains a missing authorization vulnerability in all versions up to and including 14.0.0. This
CVE-2026-13238: CWE-863 Incorrect Authorization in Drupal Commerce Realex / Global Payments
Incorrect Authorization vulnerability in Drupal Commerce Realex / Global Payments allows Forceful Browsing. This issue affects Commerce Real
Comments
Sign in to join the conversation.
No comments yet. Be the first.