Wpplugin Paypal & Stripe Add-on — known CVE vulnerabilities
Every CVE whose affected-product data names Wpplugin Paypal & Stripe Add-on, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-29130 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 –…
CVE-2024-10683 — CVSS 6.1 (medium): The Contact Form 7 – PayPal & Stripe Add-on plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of…
CVE-2023-24405 — CVSS 5.4 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on plugin <= 1.9.3 versions.
CVE-2024-1719 — CVSS 4.3 (medium): The Easy PayPal & Stripe Buy Now Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and…