31 matches found
CVE-2026-4072
The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortcode in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'amount', 'email'...
WordPress WordPress PayPal Donation plugin <= 1.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'amount' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'amount' Shortcode Attribute vulnerability discovered by Gilang - DJ in WordPress Plugin WordPress PayPal Donation versions = 1.01...
CVE-2026-4072
The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortcode in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'amount', 'email'...
CVE-2026-4072 WordPress PayPal Donation <= 1.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'amount' Shortcode Attribute
The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortcode in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'amount', 'email'...
CVE-2026-4072
The CVE concerns the WordPress PayPal Donation plugin for WordPress, vulnerable to Stored Cross-Site Scripting up to version 1.01 via the donate shortcode. The issue arises from insufficient input sanitization and output escaping on shortcode attributes (amount, email, title, return_url, cancel_u...
CVE-2026-4072 WordPress PayPal Donation <= 1.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'amount' Shortcode Attribute
The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortcode in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'amount', 'email'...
CVE-2026-4072
The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortcode in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'amount', 'email'...
WordPress plugin WordPress PayPal Donation 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2025-11859
The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'paypal' shortcode in all versions up to, and including, 0.1. This is due to the plugin not properly sanitizing user input and output of the 'title' and 'text' parameters. This makes it possibl...
EUVD-2025-60936
The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'paypal' shortcode in all versions up to, and including, 0.1. This is due to the plugin not properly sanitizing user input and output of the 'title' and 'text' parameters. This makes it possibl...
CVE-2025-11859
The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'paypal' shortcode in all versions up to, and including, 0.1. This is due to the plugin not properly sanitizing user input and output of the 'title' and 'text' parameters. This makes it possibl...
CVE-2025-11859 Paypal Donation Shortcode <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'paypal' shortcode in all versions up to, and including, 0.1. This is due to the plugin not properly sanitizing user input and output of the 'title' and 'text' parameters. This makes it possibl...
CVE-2025-11859 Paypal Donation Shortcode <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'paypal' shortcode in all versions up to, and including, 0.1. This is due to the plugin not properly sanitizing user input and output of the 'title' and 'text' parameters. This makes it possibl...
CVE-2025-11859
CVE-2025-11859 affects the WordPress plugin Paypal Donation Shortcode (versions
WordPress plugin Paypal Donation Shortcode 跨站脚本漏洞
WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. woocommerce is one of the e-commerce plugins. uninstall is one of the plugins used to completely uninstall WordPress. redirection is one of the...
EUVD-2021-11482
Malware in sbrugna...
EUVD-2023-27871
Malicious code in bioql PyPI...
CVE-2023-23785
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in DgCult Exquisite PayPal Donation plugin = v2.0.0 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in DgCult Exquisite PayPal Donation plugin = v2.0.0 versions...
CVE-2023-23785 WordPress Exquisite PayPal Donation Plugin <= v2.0.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in DgCult Exquisite PayPal Donation plugin = v2.0.0 versions...