Accept Paypal Payments Using Contact Form 7
Monthly
Missing authorization in ZealousWeb's Accept PayPal Payments using Contact Form 7 plugin (versions up to 4.0.4) allows unauthenticated remote attackers to modify payment-related data through incorrectly configured access controls. The vulnerability exposes WordPress sites using this plugin to unauthorized alterations of sensitive payment information without requiring user authentication, though the EPSS score of 0.02% (4th percentile) indicates low real-world exploitation probability despite network accessibility.
Missing authorization in ZealousWeb's Accept PayPal Payments using Contact Form 7 plugin (versions up to 4.0.4) allows unauthenticated remote attackers to modify payment-related data through incorrectly configured access controls. The vulnerability exposes WordPress sites using this plugin to unauthorized alterations of sensitive payment information without requiring user authentication, though the EPSS score of 0.02% (4th percentile) indicates low real-world exploitation probability despite network accessibility.