Browse all 3 CVE security advisories affecting Paytm. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Paytm operates as a digital payments platform enabling financial transactions, recharges, and e-commerce services in India. Historically, the platform has been susceptible to common web vulnerabilities including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, as evidenced by its three recorded CVEs. While no major public security incidents have been widely documented, the platform's extensive user base and financial services nature make it a potential target for attackers. Security researchers have identified various input validation and authentication weaknesses in Paytm's web and mobile applications, highlighting ongoing challenges in maintaining robust security across its large-scale digital infrastructure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-45362 | WordPress Paytm Payment Gateway Plugin <= 2.7.0 is vulnerable to Server Side Request Forgery (SSRF) — Paytm Payment Gateway (CWE-918) | 7.2 | High | 2023-12-07 |
| CVE-2022-45805 | WordPress Paytm Payment Gateway Plugin <= 2.7.3 is vulnerable to SQL Injection — Paytm Payment Gateway (CWE-89) | 8.2 | High | 2023-11-03 |
| CVE-2023-28535 | WordPress Paytm Payment Donation Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS) — Paytm Payment Donation (CWE-79) | 7.1 | High | 2023-08-14 |
This page lists every published CVE security advisory associated with Paytm. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.