Medium severity4.3NVD Advisory· Published Nov 1, 2021· Updated Jun 17, 2026
CVE-2021-24572
CVE-2021-24572
Description
The Accept Donations with PayPal WordPress plugin before 1.3.1 provides a function to create donation buttons which are internally stored as posts. The deletion of a button is not CSRF protected and there is no control to check if the deleted post was a button post. As a result, an attacker could make logged in admins delete arbitrary posts
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Accept Donations with PayPaldescription
- Range: <1.3.1
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/7b1ebd26-ea8b-448c-a775-66a04102e44fnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.