GCVE - cpe:2.3:a:codepeople:cp_contact_form_with

Approved changes feed: RSS · Atom

cpe:2.3:a:codepeople:cp_contact_form_with_paypal:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

Vendor	Codepeople (`f85d1a73-9b3f-50b5-b09d-cd136586594b`)
Product	Cp Contact Form With Paypal (`1d491bef-04b0-5e1a-86b4-69eabc8c30f9`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-27460`	vulnerable	2026-06-03 14:51:01.913331	WordPress CP Contact Form with PayPal plugin <= 1.3.34 - Missing Authorization Leading To Feedback Submission vulnerability MEDIUM (4.3) Missing Authorization vulnerability in CodePeople, paypaldev CP Contact Form with Paypal allows Functionality Misuse.This issue affects CP Contact Form with Paypal: from n/a through 1.3.34. Published: 2024-06-03T22:01:44.315Z Updated: 2026-04-28T16:08:14.237Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/cp-contact-form-with-paypal/wordpress-cp-contact-form-with-paypal-plugin-1-3-34-missing-authorization-leading-to-feedback-submission-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-14785`	vulnerable	2026-06-03 14:39:46.461610	Details available The "CP Contact Form with PayPal" plugin before 1.2.99 for WordPress has XSS in the publishing wizard via the wp-admin/admin.php?page=cp_contact_form_paypal.php&pwizard=1 cp_contactformpp_id parameter. Published: 2019-08-09T12:37:50.000Z Updated: 2024-08-05T00:26:38.564Z Open on db.gcve.eu Reference links https://wordpress.org/plugins/cp-contact-form-with-paypal/#developers https://www.pluginvulnerabilities.com/2019/06/24/reflected-cross-site-scripting-xss-vulnerability-in-cp-contact-form-with-paypal/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-14784`	vulnerable	2026-06-03 14:39:46.461223	Details available The "CP Contact Form with PayPal" plugin before 1.2.98 for WordPress has XSS in CSS edition. Published: 2019-08-15T15:50:00.000Z Updated: 2024-08-05T00:26:38.599Z Open on db.gcve.eu Reference links https://wordpress.org/plugins/cp-contact-form-with-paypal/#developers	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-9233`	vulnerable	2026-06-03 14:35:19.379812	Details available The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress has CSRF with resultant XSS, related to cp_contactformpp.php and cp_contactformpp_admin_int_list.inc.php. Published: 2017-09-29T21:00:00.000Z Updated: 2024-09-16T23:41:32.391Z Open on db.gcve.eu Reference links http://seclists.org/oss-sec/2015/q3/88 http://seclists.org/fulldisclosure/2015/Jul/49 https://wordpress.org/plugins/cp-contact-form-with-paypal/#developers	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Cp Contact Form With Paypal

PURL mappings

Vulnerability references

Contribute