CVE-2024-1719 | scottpaterson Easy PayPal & Stripe Buy Now Button Plugin up to 2.1 on WordPress Setting wpecpp_stripe_connect_completion cross-site request forgery

Inserito da Angelo Barbosa | Feb 28, 2024 | CVE

A vulnerability, which was classified as problematic, was found in scottpaterson Easy PayPal & Stripe Buy Now Button Plugin up to 2.1 on WordPress. This affects the function wpecpp_stripe_connect_completion of the component Setting Handler. The manipulation leads to cross-site request forgery.

This vulnerability is uniquely identified as CVE-2024-1719. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-1719 | scottpaterson Easy PayPal & Stripe Buy Now Button Plugin up to 2.1 on WordPress Setting wpecpp_stripe_connect_completion cross-site request forgery

Post correlati

CVE-2024-6679 | witmy my-springsecurity-plus up to 2024-07-04 /api/role params.dataScope sql injection (IAAHCR)

CVE-2024-40510 | openPetra 2023.02 serverMCommon.asmx cross site scripting

CVE-2024-4410 | IgnitionDeck Crowdfunding Platform Plugin up to 1.9.8 on WordPress authorization

CVE-2024-51066 | PHPGurukul Beauty Parlour Management System 1.1 appointment-detail.php resource injection