Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wpplugin accept donations with paypal vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-24989
The Accept Donations with PayPal WordPress plugin prior to 1.3.4 does not have CSRF check in place and does not ensure that the post to be deleted belongs to the plugin, allowing malicious users to make a logged in admin delete arbitrary posts from the blog
Wpplugin Accept Donations With Paypal
4.8
CVSSv3
CVE-2021-24815
The Accept Donations with PayPal WordPress plugin prior to 1.3.2 does not escape the Amount Menu Name field of created Buttons, which could allow a high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Wpplugin Accept Donations With Paypal
4.3
CVSSv3
CVE-2021-24570
The Accept Donations with PayPal WordPress plugin prior to 1.3.1 offers a function to create donation buttons, which internally are posts. The process to create a new button is lacking a CSRF check. An attacker could use this to make an authenticated admin create a new button. Fu...
Wpplugin Accept Donations With Paypal
4.3
CVSSv3
CVE-2021-24572
The Accept Donations with PayPal WordPress plugin prior to 1.3.1 provides a function to create donation buttons which are internally stored as posts. The deletion of a button is not CSRF protected and there is no control to check if the deleted post was a button post. As a result...
Wpplugin Accept Donations With Paypal
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started