Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:40 a.m.7 views

CVE-2024-1719

The Easy PayPal & Stripe Buy Now Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.3 and in Contact Form 7 – PayPal & Stripe Add-on all versions up to, and including 2.1. This is due to missing or incorrect nonce validation on the...

4.3CVSS6.3AI score0.00297EPSS
Exploits0References1
CVE
CVE
added 2024/02/28 9:33 a.m.90 views

CVE-2024-1719

CVE-2024-1719 affects the WordPress plugins by Easy PayPal & Stripe Buy Now Button (up to 1.8.3) and Contact Form 7 – PayPal & Stripe Add-on (up to 2.1). The root cause is missing or incorrect nonce validation in the function "wpecpp_stripe_connect_completion", enabling CSRF. As described, unauth...

4.3CVSS5.2AI score0.00297EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/02/28 12:0 a.m.10 views

WordPress Contact Form 7 – PayPal & Stripe Add-on Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Contact Form 7 – PayPal & Stripe Add-on Type Plugin Vulnerable versions = 2.1 Fixed in 2.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1719 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 07ee68186112 Credits...

4.3CVSS4.6AI score0.00297EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/02/28 12:0 a.m.13 views

WordPress Contact Form 7 – PayPal & Stripe Add-on Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Contact Form 7 – PayPal & Stripe Add-on Type Plugin Vulnerable versions = 2.1 Fixed in 2.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1719 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 94c20bfda2aa Credits...

4.3CVSS4.6AI score0.00297EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder