Quick Paypal Payments
Approved changes feed: RSS · Atom
cpe:2.3:a:fullworks:quick_paypal_payments:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Fullworks (46451953-f05c-5f0a-aa80-4c29dd7c2b84) |
|---|---|
| Product | Quick Paypal Payments (90ceae17-3f83-5565-8476-c7c47a2f9326) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-27003 |
vulnerable | 2026-06-08 07:14:50.805298 |
WordPress Quick Paypal Payments Plugin <= 5.7.46 - Cross Site Request Forgery (CSRF) vulnerability
MEDIUM (4.3)
Cross-Site Request Forgery (CSRF) vulnerability in fullworks Quick Paypal Payments quick-paypal-payments allows Cross Site Request Forgery.This issue affects Quick Paypal Payments: from n/a through <= 5.7.46.
Published: 2025-09-05T16:18:21.182Z
Updated: 2026-04-28T16:11:46.315Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-25714 |
vulnerable | 2026-06-08 05:56:09.687887 |
WordPress Quick Paypal Payments plugin <= 5.7.25 - Broken Access Control vulnerability
HIGH (7.5)
Missing Authorization vulnerability in Fullworks Quick Paypal Payments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Paypal Payments: from n/a through 5.7.25.
Published: 2024-12-09T11:31:30.220Z
Updated: 2026-04-28T16:08:09.766Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-25713 |
vulnerable | 2026-06-08 05:56:09.686383 |
WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS)
HIGH (7.1)
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.
Published: 2023-04-07T12:54:32.032Z
Updated: 2026-04-28T16:08:09.765Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-25702 |
vulnerable | 2026-06-08 05:56:09.667038 |
WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS)
MEDIUM (5.9)
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.
Published: 2023-04-07T12:39:15.119Z
Updated: 2026-04-28T16:08:09.611Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-23889 |
vulnerable | 2026-06-08 05:56:04.642614 |
WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS)
MEDIUM (6.5)
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25 versions.
Published: 2023-04-25T19:24:44.213Z
Updated: 2026-04-28T16:08:03.871Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-4974 |
vulnerable | 2026-06-08 05:52:02.779726 |
Freemius SDK <= 2.4.2 - Missing Authorization Checks
MEDIUM (6.3)
The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
Published: 2024-10-16T06:43:30.014Z
Updated: 2026-04-08T16:46:54.861Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.