Fullworksplugins - Quick Paypal Payments CVE - OpenCVE

Filtered by vendor Fullworksplugins Subscriptions

Filtered by product Quick Paypal Payments Subscriptions

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-25713	1 Fullworksplugins	1 Quick Paypal Payments	2024-08-02	7.1 High
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.
CVE-2023-25702	1 Fullworksplugins	1 Quick Paypal Payments	2024-08-02	5.9 Medium
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.
CVE-2023-23889	1 Fullworksplugins	1 Quick Paypal Payments	2024-08-02	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.
CVE-2023-1554	1 Fullworksplugins	1 Quick Paypal Payments	2024-08-02	4.8 Medium
The Quick Paypal Payments WordPress plugin before 5.7.26.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

Page 1 of 1.