2 matches found
CVE-2025-39562
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Payment Form for PayPal Pro allows Stored XSS. This issue affects Payment Form for PayPal Pro: from n/a through 1.1.72.
CVE-2015-7666
Multiple cross-site scripting (XSS) vulnerabilities in the (1) cp_updateMessageItem and (2) cp_deleteMessageItem functions in cp_ppp_admin_int_message_list.inc.php in the Payment Form for PayPal Pro plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via ...