Vulnerabilities > Wpplugin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-12 | CVE-2024-10685 | Cross-site Scripting vulnerability in Wpplugin Contact Form 7 Redirect & Thank YOU Page The Contact Form 7 Redirect & Thank You Page plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-10-18 | CVE-2024-9593 | Code Injection vulnerability in Wpplugin Time Clock The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 (for Time Clock) and 1.1.4 (for Time Clock Pro) via the 'etimeclockwp_load_function_callback' function. | 8.3 |
| 2024-09-25 | CVE-2024-8476 | Cross-Site Request Forgery (CSRF) vulnerability in Wpplugin Easy Paypal Events The Easy PayPal Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. | 4.3 |
| 2024-03-19 | CVE-2024-29130 | Unspecified vulnerability in Wpplugin Paypal & Stripe Add-On Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on allows Reflected XSS.This issue affects Contact Form 7 – PayPal & Stripe Add-on: from n/a through 2.0. | 6.1 |
| 2024-02-28 | CVE-2023-51683 | Unspecified vulnerability in Wpplugin Easy Paypal & Stripe BUY NOW Button Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal & Stripe Buy Now Button.This issue affects Easy PayPal & Stripe Buy Now Button: from n/a through 1.8.1. | 8.8 |
| 2024-02-28 | CVE-2024-1719 | Unspecified vulnerability in Wpplugin Paypal & Stripe Add-On The Easy PayPal & Stripe Buy Now Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.3 and in Contact Form 7 – PayPal & Stripe Add-on all versions up to, and including 2.1. | 4.3 |
| 2023-11-16 | CVE-2023-47239 | Unspecified vulnerability in Wpplugin Easy Paypal Shopping Cart Auth. | 5.4 |
| 2023-07-10 | CVE-2023-24395 | Unspecified vulnerability in Wpplugin Contact Form 7 Redirect & Thank YOU Page Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Contact Form 7 Redirect & Thank You Page plugin <= 1.0.3 versions. | 8.8 |
| 2023-07-10 | CVE-2023-24405 | Unspecified vulnerability in Wpplugin Paypal & Stripe Add-On Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on plugin <= 1.9.3 versions. | 8.8 |
| 2023-02-13 | CVE-2022-4628 | Unspecified vulnerability in Wpplugin Easy Paypal BUY NOW Button The Easy PayPal Buy Now Button WordPress plugin before 1.7.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | 5.4 |