Skip to main content

Paypal Stripe Add On

4 CVEs product

Monthly

CVE-2024-10683 MEDIUM PATCH This Month

The Contact Form 7 - PayPal & Stripe Add-on plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Paypal Stripe Add On
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-29130 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 - PayPal & Stripe Add-on allows Reflected XSS.0. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Paypal Stripe Add On
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-1719 MEDIUM PATCH This Month

The Easy PayPal & Stripe Buy Now Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.3 and in Contact Form 7 - PayPal & Stripe Add-on all. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Paypal Stripe Add On
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-24405 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Contact Form 7 - PayPal & Stripe Add-on plugin <= 1.9.3 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Paypal Stripe Add On
NVD
CVSS 3.1
8.8
EPSS
0.3%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

The Contact Form 7 - PayPal & Stripe Add-on plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Paypal Stripe Add On
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 - PayPal & Stripe Add-on allows Reflected XSS.0. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Paypal Stripe Add On
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The Easy PayPal & Stripe Buy Now Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.3 and in Contact Form 7 - PayPal & Stripe Add-on all. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Paypal Stripe Add On
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Contact Form 7 - PayPal & Stripe Add-on plugin <= 1.9.3 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Paypal Stripe Add On
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy