Browse all 3 CVE security advisories affecting Mollie. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Mollie serves as a payment processing platform primarily for e-commerce businesses in Europe. Historically, vulnerabilities in Mollie have included cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from improper input validation and access control issues. The platform has faced security incidents, including a 2021 data breach affecting customer information and a 2023 vulnerability that allowed unauthorized access to payment details. Mollie's security posture has been criticized for inconsistent patch management and insufficient rate limiting, leading to repeated exploitation of similar vulnerability classes across multiple CVEs.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68501 | WordPress Mollie Payments for WooCommerce plugin <= 8.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Mollie Payments for WooCommerce (CWE-79) | 7.1 | High | 2026-02-20 |
| CVE-2025-39362 | WordPress Mollie Payments for WooCommerce plugin <= 8.0.2 - Insecure Direct Object References (IDOR) vulnerability — Mollie Payments for WooCommerce (CWE-862) | 6.5 | Medium | 2025-07-02 |
| CVE-2023-6090 | WordPress Mollie Payments for WooCommerce Plugin <= 7.3.11 is vulnerable to Arbitrary File Upload — Mollie Payments for WooCommerce (CWE-434) | 9.1 | Critical | 2024-02-29 |

This page lists every published CVE security advisory associated with Mollie. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.