Lucene search
K
CodepeopleCp Contact Form With Paypal

4 matches found

CVE
CVE
added 2019/08/09 12:37 p.m.76 views

CVE-2019-14785

The CVE-2019-14785 issue affects the WordPress plugin CP Contact Form with PayPal prior to version 1.2.99, where an XSS flaw exists in the publishing wizard via wp-admin/admin.php?page=cp_contact_form_paypal.php&pwizard=1 cp_contactformpp_id parameter. Impact is client-side script execution as de...

5.4CVSS5.3AI score0.00797EPSS
CVE
CVE
added 2019/08/15 3:50 p.m.62 views

CVE-2019-14784

The CVE-2019-14784 entry applies to the WordPress plugin CP Contact Form with PayPal (pre-1.2.98). It contains an XSS in CSS edition vulnerability in the plugin’s admin/css handling, with PoC evidence showing input can be reflected in the admin interface. Affected versions are prior to 1.2.98; a ...

6.1CVSS6AI score0.0094EPSS
CVE
CVE
added 2024/06/03 10:1 p.m.51 views

CVE-2023-27460

CVE-2023-27460 affects WordPress CP Contact Form with Paypal plugin, <=1.3.34, due to Missing Authorization that could enable feedback submission abuse. A fix is available: upgrade to version 1.3.35. Public advisories show differing CVSS assessments (NVD: 8.8 HIGH; Patchstack: 4.3 MEDIUM), but...

8.8CVSS4.7AI score0.00377EPSS
CVE
CVE
added 2017/09/29 9:0 p.m.41 views

CVE-2015-9233

The CP Contact Form with PayPal WordPress plugin (pre-1.1.6) is affected by a CSRF vulnerability that can lead to Cross-Site Scripting (XSS), related to cp_contactformpp.php and cp_contactformpp_admin_int_list.inc.php. Affected versions are prior to 1.1.6; updating to 1.1.6 or later is the docume...

8.8CVSS8.6AI score0.01012EPSS