WordPress Accept Donations with PayPal plugin <= 1.5.2 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Legion Hunter in WordPress Plugin Accept Donations with PayPal & Stripe versions = 1.5.2...

CVE-2021-24570

The Accept Donations with PayPal WordPress plugin before 1.3.1 offers a function to create donation buttons, which internally are posts. The process to create a new button is lacking a CSRF check. An attacker could use this to make an authenticated admin create a new button. Furthermore, one of t...