VYPR

Wp Express Checkout

by WordPress

CVEs (2)

  • CVE-2024-30527HigMay 17, 2024
    risk 0.49cvss 7.5epss 0.01

    Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express Checkout (Accept PayPal Payments) allows Manipulating Hidden Fields.This issue affects WP Express Checkout (Accept PayPal Payments): from n/a through 2.3.7.

  • CVE-2023-1469Mar 17, 2023
    risk 0.00cvss epss 0.00

    The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pec_coupon[code]’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…