CVE-2025-13966 | Paypal Payment Shortcode Plugin up to 1.01 on WordPress paypal-shortcode buttom_image cross site scripting

Inserito da Angelo Barbosa | Dic 11, 2025 | CVE

A vulnerability labeled as problematic has been found in Paypal Payment Shortcode Plugin up to 1.01 on WordPress. Affected by this vulnerability is the function paypal-shortcode of the component Shortcode Handler. The manipulation of the argument buttom_image results in cross site scripting.

This vulnerability is known as CVE-2025-13966. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-13966 | Paypal Payment Shortcode Plugin up to 1.01 on WordPress paypal-shortcode buttom_image cross site scripting

Post correlati

CVE-2025-4879 | Citrix Workspace App up to 2402 LTSR CU2/2402 LTSR CU3/2408 on Windows privileges management (CTX694718)

CVE-2024-44556 | Tenda AX1806 1.0.0.1 setIptvInfo stballvlans stack-based overflow

CVE-2024-38542 | Linux Kernel up to 6.8.11/6.9.2 mana_ib mana_ib_install_cq_cb buffer overflow (f12afddfb142/168f6fbde0ea/f79edef79b6a)

CVE-2024-34094 | Adobe Acrobat Reader up to 20.005.30574/24.002.20736 use after free (apsb24-29)