Quick Paypal Payments CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Fullworksplugins Subscriptions

Filtered by product Quick Paypal Payments Subscriptions

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-25714	1 Fullworksplugins	1 Quick Paypal Payments	2024-12-09	7.5 High
Missing Authorization vulnerability in Fullworks Quick Paypal Payments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Paypal Payments: from n/a through 5.7.25.
CVE-2023-25713	1 Fullworksplugins	1 Quick Paypal Payments	2024-11-21	7.1 High
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.
CVE-2023-25702	1 Fullworksplugins	1 Quick Paypal Payments	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.
CVE-2023-23889	1 Fullworksplugins	1 Quick Paypal Payments	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.
CVE-2023-1554	1 Fullworksplugins	1 Quick Paypal Payments	2024-11-21	4.8 Medium
The Quick Paypal Payments WordPress plugin before 5.7.26.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

Page 1 of 1.