Codepeople: >> Cp Contact Form With Paypal Security Vulnerabilities
Missing Authorization vulnerability in CodePeople, paypaldev CP Contact Form with Paypal allows Functionality Misuse.This issue affects CP Contact Form with Paypal: from n/a through 1.3.34.
CVSS Score
4.3
EPSS Score
0.003
Published
2024-06-03
The "CP Contact Form with PayPal" plugin before 1.2.98 for WordPress has XSS in CSS edition.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-15
The "CP Contact Form with PayPal" plugin before 1.2.99 for WordPress has XSS in the publishing wizard via the wp-admin/admin.php?page=cp_contact_form_paypal.php&pwizard=1 cp_contactformpp_id parameter.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-08-09
The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress has CSRF with resultant XSS, related to cp_contactformpp.php and cp_contactformpp_admin_int_list.inc.php.
CVSS Score
8.8
EPSS Score
0.002
Published
2017-09-30