4 matches found
CVE-2023-25702
Auth. admin+ Stored Cross-site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...
CVE-2023-25702 WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...
CVE-2023-25702 WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...
CVE-2023-25702
CVE-2023-25702 affects the WordPress Quick Paypal Payments (Fullworks) plugin ≤ 5.7.25. The root cause is insufficient sanitization/escaping in settings, enabling Admin+ Stored XSS. Impact per sources is stored XSS with low overall risk, requiring high privileges and user interaction in some vect...