CVE-2025-14463 | Payment Button for PayPal Plugin up to 1.2.3.41 on WordPress AJAX Endpoint wppaypalcheckout_ajax_process_order authorization

Inserito da Angelo Barbosa | Gen 16, 2026 | CVE

A vulnerability categorized as critical has been discovered in Payment Button for PayPal Plugin up to 1.2.3.41 on WordPress. This affects the function wppaypalcheckout_ajax_process_order of the component AJAX Endpoint. The manipulation results in missing authorization.

This vulnerability is known as CVE-2025-14463. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-14463 | Payment Button for PayPal Plugin up to 1.2.3.41 on WordPress AJAX Endpoint wppaypalcheckout_ajax_process_order authorization

Post correlati

CVE-2023-51405 | BookingPress Plugin up to 1.0.74 on WordPress Price bookingpress_confirm_booking access control

CVE-2024-42564 | ERP 44bd04 delete id sql injection

CVE-2023-52482 | Linux Kernel up to 5.15.133/6.1.55/6.5.5 on x86 srso stack-based overflow

CVE-2023-53161 | sequoia-pgp buffered-reader Crate up to 1.0.1/1.1.4 on Rust out-of-bounds (GHSA-29mf-62xx-28jq)