Wp Express Checkout (Accept Paypal Payments Easily)
Approved changes feed: RSS · Atom
cpe:2.3:a:mra13:wp_express_checkout_(accept_paypal_payments_easily):*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Mra13 (fb07f8cb-eecb-5698-b4d4-35f7e4581496) |
|---|---|
| Product | Wp Express Checkout (Accept Paypal Payments Easily) (f9920620-f3ab-54ce-bee9-8f8d8066e2e0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-1469 |
vulnerable | 2026-06-08 05:52:35.957312 |
Details available
MEDIUM (4.4)
The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pec_coupon[code]’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator-level access to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note: This can potentially be exploited by lower-privileged users if the `Admin Dashboard Access Permission` setting it set for those users to access the dashboard.
Published: 2023-03-17T12:31:55.285Z
Updated: 2025-02-05T19:45:38.551Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.