WordPress Accept Donations with PayPal plugin <= 1.3.1 - Stored Cross-Site Scripting (XSS) vulnerability

2021-10-1800:00:00

dc11

patchstack.com

Stored Cross-Site Scripting (XSS) vulnerability discovered by dc11 in WordPress Accept Donations with PayPal plugin (versions <= 1.3.1).

Solution

           Update the WordPress Accept Donations with PayPal plugin to the latest available version (at least 1.3.2).

CPENameOperatorVersion
accept donations with paypalle1.3.1

CPE	Name	Operator	Version
	accept donations with paypal	le	1.3.1

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24815

wordpress.org/plugins/easy-paypal-donation/#developers

wpscan.com/vulnerability/08f4ebf5-6bbe-4fb0-a9d2-c8a994afe39b