Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paypal paypal - vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2007-0403
SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote malicious users to execute arbitrary SQL commands via the keyword parameter.
Easebay Resources Paypal Subscription Manager
383
VMScore
CVE-2017-6217
paypal/adaptivepayments-sdk-php v3.9.2 is vulnerable to a reflected XSS in the SetPaymentOptions.php resulting code execution
Paypal Adaptive Payments Sdk 3.9.2
NA
CVE-2023-47239
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Scott Paterson Easy PayPal Shopping Cart plugin <= 1.1.10 versions.
Wpplugin Easy Paypal Shopping Cart
383
VMScore
CVE-2021-24572
The Accept Donations with PayPal WordPress plugin prior to 1.3.1 provides a function to create donation buttons which are internally stored as posts. The deletion of a button is not CSRF protected and there is no control to check if the deleted post was a button post. As a result...
Wpplugin Accept Donations With Paypal
383
VMScore
CVE-2021-24570
The Accept Donations with PayPal WordPress plugin prior to 1.3.1 offers a function to create donation buttons, which internally are posts. The process to create a new button is lacking a CSRF check. An attacker could use this to make an authenticated admin create a new button. Fu...
Wpplugin Accept Donations With Paypal
NA
CVE-2022-3822
The Donations via PayPal WordPress plugin prior to 1.9.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in m...
Tipsandtricks-hq Donations Via Paypal
383
VMScore
CVE-2021-24989
The Accept Donations with PayPal WordPress plugin prior to 1.3.4 does not have CSRF check in place and does not ensure that the post to be deleted belongs to the plugin, allowing malicious users to make a logged in admin delete arbitrary posts from the blog
Wpplugin Accept Donations With Paypal
383
VMScore
CVE-2017-6099
Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK (aka merchant-sdk-php) 3.9.1 allows remote malicious users to inject arbitrary web script or HTML via the token parameter.
Paypal Merchant-sdk-php 3.9.1
NA
CVE-2023-24405
Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on plugin <= 1.9.3 versions.
Wpplugin Paypal & Stripe Add-on
312
VMScore
CVE-2021-24815
The Accept Donations with PayPal WordPress plugin prior to 1.3.2 does not escape the Amount Menu Name field of created Buttons, which could allow a high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Wpplugin Accept Donations With Paypal
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »