VYPR

Subscriptions Memberships For Paypal

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-12752MedNov 22, 2025
    risk 0.34cvss 5.3epss 0.00

    The Subscriptions & Memberships for PayPal plugin for WordPress is vulnerable to fake payment creation in all versions up to, and including, 1.1.7. This is due to the plugin not properly verifying the authenticity of an IPN request. This makes it possible for unauthenticated…

  • CVE-2025-66107MedNov 21, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Scott Paterson Subscriptions & Memberships for PayPal subscriptions-memberships-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscriptions & Memberships for PayPal: from n/a through…

  • CVE-2024-13560MedFeb 26, 2025
    risk 0.21cvss 4.3epss 0.00

    The Subscriptions & Memberships for PayPal plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.6. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to…