Unrated severityNVD Advisory· Published Feb 13, 2023· Updated Mar 21, 2025
Easy Accept Payments for PayPal < 4.9.10 - Contributor+ Stored XSS
CVE-2023-0275
Description
The Easy Accept Payments for PayPal WordPress plugin before 4.9.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Easy Accept Payments for PayPaldescription
- Range: <4.9.10
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- wpscan.com/vulnerability/aab5d803-d621-4b12-a901-ff4447334d88mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.