CVE-2025-14554

The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'orderformdata' AJAX action in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2025-14554 Sell BTC - Cryptocurrency Selling Calculator <= 1.5 - Unauthenticated Stored Cross-Site Scripting via 'orderform_data' AJAX Action

The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'orderformdata' AJAX action in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

PT-2026-5543

Name of the Vulnerable Software and Affected Versions Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress versions prior to 1.5. Description The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is susceptible to Stored Cross-Site Scripting through the orderform data...

WordPress plugin “Sell BTC – Cryptocurrency Selling Calculator” has a cross-site scripting vulnerability.

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...