Lucene search
K

31 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.3 views

CVE-2026-4072

The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortcode in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'amount', 'email'...

6.4CVSS6AI score0.00193EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/23 4:59 p.m.7 views

WordPress WordPress PayPal Donation plugin <= 1.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'amount' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'amount' Shortcode Attribute vulnerability discovered by Gilang - DJ in WordPress Plugin WordPress PayPal Donation versions = 1.01...

6.4CVSS5.8AI score0.00193EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/03/21 4:17 a.m.3 views

CVE-2026-4072

The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortcode in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'amount', 'email'...

6.4CVSS0.00193EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/21 3:26 a.m.33 views

CVE-2026-4072 WordPress PayPal Donation <= 1.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'amount' Shortcode Attribute

The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortcode in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'amount', 'email'...

6.4CVSS0.00193EPSS
Exploits0References5
CVE
CVE
added 2026/03/21 3:26 a.m.12 views

CVE-2026-4072

The CVE concerns the WordPress PayPal Donation plugin for WordPress, vulnerable to Stored Cross-Site Scripting up to version 1.01 via the donate shortcode. The issue arises from insufficient input sanitization and output escaping on shortcode attributes (amount, email, title, return_url, cancel_u...

6.4CVSS6AI score0.00193EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/21 3:26 a.m.2 views

CVE-2026-4072 WordPress PayPal Donation <= 1.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'amount' Shortcode Attribute

The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortcode in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'amount', 'email'...

6.4CVSS6AI score0.00193EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/21 3:26 a.m.3 views

CVE-2026-4072

The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortcode in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'amount', 'email'...

6.4CVSS6AI score0.00193EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.7 views

WordPress plugin WordPress PayPal Donation 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.8AI score0.00193EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/11/12 3:46 a.m.8 views

CVE-2025-11859

The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'paypal' shortcode in all versions up to, and including, 0.1. This is due to the plugin not properly sanitizing user input and output of the 'title' and 'text' parameters. This makes it possibl...

6.4CVSS5AI score0.00161EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/11 6:30 a.m.5 views

EUVD-2025-60936

The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'paypal' shortcode in all versions up to, and including, 0.1. This is due to the plugin not properly sanitizing user input and output of the 'title' and 'text' parameters. This makes it possibl...

6.4CVSS4.7AI score0.00161EPSS
Exploits0References3
NVD
NVD
added 2025/11/11 4:15 a.m.5 views

CVE-2025-11859

The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'paypal' shortcode in all versions up to, and including, 0.1. This is due to the plugin not properly sanitizing user input and output of the 'title' and 'text' parameters. This makes it possibl...

6.4CVSS0.00161EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/11 3:30 a.m.7 views

CVE-2025-11859 Paypal Donation Shortcode <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'paypal' shortcode in all versions up to, and including, 0.1. This is due to the plugin not properly sanitizing user input and output of the 'title' and 'text' parameters. This makes it possibl...

6.4CVSS0.00161EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/11 3:30 a.m.3 views

CVE-2025-11859 Paypal Donation Shortcode <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'paypal' shortcode in all versions up to, and including, 0.1. This is due to the plugin not properly sanitizing user input and output of the 'title' and 'text' parameters. This makes it possibl...

6.4CVSS4.7AI score0.00161EPSS
Exploits0References2
CVE
CVE
added 2025/11/11 3:30 a.m.19 views

CVE-2025-11859

CVE-2025-11859 affects the WordPress plugin Paypal Donation Shortcode (versions

6.4CVSS4.8AI score0.00161EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.3 views

WordPress plugin Paypal Donation Shortcode 跨站脚本漏洞

WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. woocommerce is one of the e-commerce plugins. uninstall is one of the plugins used to completely uninstall WordPress. redirection is one of the...

6.4CVSS5.6AI score0.00161EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-11482

Malware in sbrugna...

4.3CVSS4.8AI score0.00487EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-27871

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.00369EPSS
Exploits0References1
OSV
OSV
added 2023/05/03 3:15 p.m.1 views

CVE-2023-23785

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in DgCult Exquisite PayPal Donation plugin = v2.0.0 versions...

4.8CVSS6.6AI score0.00369EPSS
Exploits0References1
Prion
Prion
added 2023/05/03 3:15 p.m.15 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in DgCult Exquisite PayPal Donation plugin = v2.0.0 versions...

4.3CVSS4.8AI score0.00369EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/03 2:12 p.m.16 views

CVE-2023-23785 WordPress Exquisite PayPal Donation Plugin <= v2.0.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in DgCult Exquisite PayPal Donation plugin = v2.0.0 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
Rows per page
Query Builder