VYPR

Donation Block For PayPal

by WordPress

CVEs (3)

  • CVE-2024-6021MedJul 30, 2024
    risk 0.44cvss 6.8epss 0.00

    The Donation Block For PayPal WordPress plugin through 2.1.0 does not sanitise and escape form submissions, leading to a stored cross-site scripting vulnerability

  • CVE-2025-22525MedJan 7, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bharat Kambariya Donation Block For PayPal donations-block allows Stored XSS.This issue affects Donation Block For PayPal: from n/a through <= 2.2.0.

  • CVE-2023-0535MedFeb 27, 2023
    risk 0.35cvss 5.4epss 0.00

    The Donation Block For PayPal WordPress plugin before 2.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored…