CVE-2024-13758 | codepeople CP Contact Form with PayPal Plugin up to 1.3.52 on WordPress cp_contact_form_paypal_check_init_actions cross-site request forgery

Posted by Angelo Barbosa | Jan 30, 2025 | CVE

A vulnerability, which was classified as problematic, was found in codepeople CP Contact Form with PayPal Plugin up to 1.3.52 on WordPress. Affected is the function cp_contact_form_paypal_check_init_actions. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2024-13758. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-13758 | codepeople CP Contact Form with PayPal Plugin up to 1.3.52 on WordPress cp_contact_form_paypal_check_init_actions cross-site request forgery

Related Posts

CVE-2023-52197 | Impactpixel Ads Invalid Click Protection Plugin up to 1.0 on WordPress cross site scripting

CVE-2024-32758 | Johnson Controls exacqVision Client/exacqVision Server prior 24.06 inadequate encryption (icsa-24-214-01)

CVE-2024-39568 | Siemens SINEMA Remote Connect Client up to 3.2 Proxy Configuration command injection (ssa-868282)

CVE-2024-35110 | YzmCMS 7.1 application.class.php cross site scripting