Unrated severityNVD Advisory· Published Sep 5, 2022· Updated Aug 3, 2024

Best Payments Plugin for WP < 4.2.1 - Unauthenticated Stored Cross-Site Scripting

CVE-2022-2565

Description

The Simple Payment Donations & Subscriptions WordPress plugin before 4.2.1 does not sanitise and escape user input given in its forms, which could allow unauthenticated attackers to perform Cross-Site Scripting attacks against admins

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

WordPress/Simple Payment Donations & Subscriptionsdescription
WordPress/Simple Payment Donations & Subscriptionsllm-create
Range: <4.2.1

Patches

Vulnerability mechanics

References

wpscan.com/vulnerability/d89eff7d-a3e6-4876-aa0e-6d17e206af83mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000