Known Vulnerabilities for Wechat Pay by Tencent
Listed below are 1 of the newest known vulnerabilities associated with "Wechat Pay" by "Tencent".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33661 | Pay is an open-source payment SDK extension package for various Chinese payment services. Prior to version 3.7.20, the `verif... | Not Provided | 2026-03-26 | 2026-03-27 |
| CVE-2024-50522 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in redyyu WeChat Subscribe... | Not Provided | 2024-11-19 | 2026-04-01 |
| CVE-2018-13439 | WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a merchant notification URL. | 7.5 - HIGH | 2018-07-08 | 2018-09-10 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Tencent | Wechat Pay | - | All | All | All |