VYPR

Checkout For Paypal

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-39572MedApr 16, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Checkout for PayPal checkout-for-paypal allows Stored XSS.This issue affects Checkout for PayPal: from n/a through <= 1.0.38.

  • CVE-2024-13398MedJan 17, 2025
    risk 0.42cvss 6.4epss 0.00

    The Checkout for PayPal plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'checkout_for_paypal' shortcode in all versions up to, and including, 1.0.32 due to insufficient input sanitization and output escaping on user supplied attributes. This…

  • CVE-2022-3983MedDec 19, 2022
    risk 0.35cvss 5.4epss 0.00

    The Checkout for PayPal WordPress plugin before 1.0.14 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks

  • CVE-2026-32387MedMar 13, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Noor Alam Checkout for PayPal checkout-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout for PayPal: from n/a through <= 1.0.46.