VYPR

Paypalplugin

by Sylius

Source repositories

CVEs (3)

  • CVE-2025-30152MedMar 19, 2025
    risk 0.35cvss 6.5epss 0.00

    The Syliud PayPal Plugin is the Sylius Core Team’s plugin for the PayPal Commerce Platform. Prior to 1.6.2, 1.7.2, and 2.0.2, a discovered vulnerability allows users to modify their shopping cart after completing the PayPal Checkout process and payment authorization. If a user…

  • CVE-2025-29788MedMar 17, 2025
    risk 0.35cvss 6.5epss 0.00

    The Syliud PayPal Plugin is the Sylius Core Team’s plugin for the PayPal Commerce Platform. A vulnerability in versions prior to 1.6.1, 1.7.1, and 2.0.1 allows users to manipulate the final payment amount processed by PayPal. If a user modifies the item quantity in their…

  • CVE-2021-41120Oct 5, 2021
    risk 0.00cvss epss 0.01

    sylius/paypal-plugin is a paypal plugin for the Sylius development platform. In affected versions the URL to the payment page done after checkout was created with autoincremented payment id (/pay-with-paypal/{id}) and therefore it was easy to predict. The problem is that the…