10 matches found
EUVD-2025-205233
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Scott Paterson Accept Donations with PayPal easy-paypal-donation allows Phishing.This issue affects Accept Donations with PayPal: from n/a through = 1.5.1...
CVE-2025-68602 WordPress Accept Donations with PayPal plugin <= 1.5.2 - Open Redirection vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Scott Paterson Accept Donations with PayPal & Stripe easy-paypal-donation allows Phishing.This issue affects Accept Donations with PayPal & Stripe: from n/a through = 1.5.2...
CVE-2025-47517
Cross-Site Request Forgery CSRF vulnerability in Scott Paterson Accept Donations with PayPal & Stripe easy-paypal-donation allows Stored XSS.This issue affects Accept Donations with PayPal & Stripe: from n/a through = 1.4.5...
CVE-2025-47517
CVE-2025-47517 describes a CSRF to Stored XSS vulnerability in the WordPress plugin Accept Donations with PayPal, affecting versions up to 1.4.5. The issue requires user interaction and the attacker may trigger a stored XSS via a CSRF, as indicated by CVSS vectors (UI:R, AV:N, AC:L, PR:N, S:C, C:...
PT-2021-16087 · WordPress · Accept Donations With Paypal
Name of the Vulnerable Software and Affected Versions: Accept Donations with PayPal WordPress plugin versions prior to 1.3.1 Description: The issue is related to a lack of CSRF check in the process of creating new donation buttons, which are internally treated as posts. This allows an attacker to...
CVE-2019-14784
The "CP Contact Form with PayPal" plugin before 1.2.98 for WordPress has XSS in CSS edition...
CVE-2015-9234
The cp-contact-form-with-paypal aka CP Contact Form with PayPal plugin before 1.1.6 for WordPress has SQL injection via the cpcontactformppid parameter to cpcontactformpp.php...
Cross site request forgery (csrf)
The cp-contact-form-with-paypal aka CP Contact Form with PayPal plugin before 1.1.6 for WordPress has CSRF with resultant XSS, related to cpcontactformpp.php and cpcontactformppadminintlist.inc.php...
CVE-2015-9234
The cp-contact-form-with-paypal aka CP Contact Form with PayPal plugin before 1.1.6 for WordPress has SQL injection via the cpcontactformppid parameter to cpcontactformpp.php...
WordPress Plugin CP Contact Form with Paypal 1.1.5 - Multiple Vulnerabilities
Title: Cross-Site Request Forgery, Cross-Site Scripting and SQL Injection in CP Contact Form with Paypal Wordpress Plugin v1.1.5 Submitter: Nitin Venkatesh Product: CP Contact Form with Paypal Wordpress Plugin Product URL: https://wordpress.org/plugins/cp-contact-form-with-paypal/ Vulnerability...