Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wpplugin accept donations with paypal vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2021-24815
The Accept Donations with PayPal WordPress plugin prior to 1.3.2 does not escape the Amount Menu Name field of created Buttons, which could allow a high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Wpplugin Accept Donations With Paypal
383
VMScore
CVE-2021-24572
The Accept Donations with PayPal WordPress plugin prior to 1.3.1 provides a function to create donation buttons which are internally stored as posts. The deletion of a button is not CSRF protected and there is no control to check if the deleted post was a button post. As a result...
Wpplugin Accept Donations With Paypal
383
VMScore
CVE-2021-24989
The Accept Donations with PayPal WordPress plugin prior to 1.3.4 does not have CSRF check in place and does not ensure that the post to be deleted belongs to the plugin, allowing malicious users to make a logged in admin delete arbitrary posts from the blog
Wpplugin Accept Donations With Paypal
383
VMScore
CVE-2021-24570
The Accept Donations with PayPal WordPress plugin prior to 1.3.1 offers a function to create donation buttons, which internally are posts. The process to create a new button is lacking a CSRF check. An attacker could use this to make an authenticated admin create a new button. Fu...
Wpplugin Accept Donations With Paypal
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started