WordPress Quick Paypal Payments plugin < 5.7.22 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

2022-02-2800:00:00

patchstack.com

Sensitive Information Disclosure vulnerability discovered in WordPress Quick Paypal Payments plugin (versions < 5.7.22).

Solution

Update the WordPress Quick Paypal Payments plugin to the latest available version (at least 5.7.22).

CPENameOperatorVersion
quick-paypal-paymentslt5.7.22

CPE	Name	Operator	Version
	quick-paypal-payments	lt	5.7.22

wordpress.org/plugins/quick-paypal-payments/

wpscan.com/vulnerability/6dae6dca-7474-4008-9fe5-4c62b9f12d0a