2 matches found
EUVD-2026-20414
Missing Authorization vulnerability in ZealousWeb Accept PayPal Payments using Contact Form 7 contact-form-7-paypal-extension allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accept PayPal Payments using Contact Form 7: from n/a through = 4.0.4...
CVE-2026-39707
CVE-2026-39707 concerns the WordPress plugin “Accept PayPal Payments using Contact Form 7” (versions through 4.0.4). Multiple sources describe a missing authorization / broken access control vulnerability caused by misconfigured access controls that could be exploited to perform actions without p...