Accept Donations With Paypal Security Vulnerabilities and Issues — Accept Donations With Paypal CVE List

Lucene search

WppluginAccept Donations With Paypal

3 matches found

CVE•added 2021/11/01 9:15 a.m.•55 views

CVE-2021-24570

The Accept Donations with PayPal WordPress plugin before 1.3.1 offers a function to create donation buttons, which internally are posts. The process to create a new button is lacking a CSRF check. An attacker could use this to make an authenticated admin create a new button. Furthermore, one of the...

4.3CVSS4.3AI score0.00158EPSS

CVE•added 2021/11/17 11:15 a.m.•40 views

CVE-2021-24815

The Accept Donations with PayPal WordPress plugin before 1.3.2 does not escape the Amount Menu Name field of created Buttons, which could allow a high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

4.8CVSS4.7AI score0.00206EPSS

CVE•added 2021/11/01 9:15 a.m.•39 views

CVE-2021-24572

The Accept Donations with PayPal WordPress plugin before 1.3.1 provides a function to create donation buttons which are internally stored as posts. The deletion of a button is not CSRF protected and there is no control to check if the deleted post was a button post. As a result, an attacker could m...

4.3CVSS4.6AI score0.00142EPSS