| CVE-2025-39562 | WordPress Payment Form for PayPal Pro plugin <= 1.1.72 - Cross Site Scripting (XSS) Vulnerability | codepeople | Payment Form for PayPal Pro | - | - | 2025-04-17 15:46:49 | Deep Dive |
| CVE-2025-39572 | WordPress Checkout for PayPal plugin <= 1.0.38 - Cross Site Scripting (XSS) Vulnerability | Noor Alam | Checkout for PayPal | Medium | 6.5 | 2025-04-16 12:44:29 | Deep Dive |
| CVE-2025-1513 | Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 26.0.0.1 - Unauthenticated Stored Cross-Site Scripting | contest-gallery | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | High | 7.2 | 2025-02-28 05:23:15 | Deep Dive |
| CVE-2025-1689 | ThemeMakers PayPal Express Checkout <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | ThemeMakers | ThemeMakers PayPal Express Checkout | Medium | 6.4 | 2025-02-27 06:48:40 | Deep Dive |
| CVE-2024-13560 | Subscriptions & Memberships for PayPal <= 1.1.6 - Cross-Site Request Forgery to Arbitrary Post Deletion | scottpaterson | Subscriptions & Memberships for PayPal | Medium | 4.3 | 2025-02-26 08:21:56 | Deep Dive |
| CVE-2024-13728 | Accept Donations with PayPal & Stripe <= 1.4.4 - Reflected Cross-Site Scripting | scottpaterson | Accept Donations with PayPal & Stripe | Medium | 6.1 | 2025-02-23 05:22:33 | Deep Dive |
| CVE-2024-11895 | Online Payments – Get Paid with PayPal, Square & Stripe <= 3.20.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | vcita | Online Payments – Get Paid with PayPal, Square & Stripe | Medium | 6.4 | 2025-02-18 07:28:13 | Deep Dive |
| CVE-2024-13758 | CP Contact Form with PayPal <= 1.3.52 - Cross-Site Request Forgery | codepeople | CP Contact Form with PayPal | Medium | 6.5 | 2025-01-30 08:21:26 | Deep Dive |
| CVE-2025-22661 | WordPress Online Payments plugin <= 3.20.0 - Cross Site Scripting (XSS) vulnerability | vcita | Online Payments – Get Paid with PayPal, Square & Stripe | Medium | 6.5 | 2025-01-21 17:21:51 | Deep Dive |
| CVE-2024-13398 | Checkout for PayPal <= 1.0.32 - Authenticated (Contributor+) Stored Cross-Site Scripting | naa986 | Checkout for PayPal | Medium | 6.4 | 2025-01-17 04:30:20 | Deep Dive |
| CVE-2024-13401 | Payment Button for PayPal <= 1.2.3.35 - Authenticated (Contributor+) Stored Cross-Site Scripting | naa986 | Payment Button for PayPal | Medium | 6.4 | 2025-01-17 04:30:19 | Deep Dive |
| CVE-2025-23930 | WordPress PayPal Marketing Solutions plugin <= 1.2 - Broken Access Control vulnerability | paypalmuse | PayPal Marketing Solutions | Medium | 4.3 | 2025-01-16 20:07:58 | Deep Dive |
| CVE-2025-22525 | WordPress Donation Block For PayPal Plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability | Bharat Kambariya | Donation Block For PayPal | Medium | 6.5 | 2025-01-07 14:57:30 | Deep Dive |
| CVE-2023-25026 | WordPress PayPal Brasil para WooCommerce plugin <= 1.4.2 - Broken Access Control vulnerability | Otávio Augusto | PayPal Brasil para WooCommerce | Medium | 4.3 | 2024-12-09 11:31:39 | Deep Dive |
| CVE-2023-25714 | WordPress Quick Paypal Payments plugin <= 5.7.25 - Broken Access Control vulnerability | fullworks | Quick Paypal Payments | High | 7.5 | 2024-12-09 11:31:30 | Deep Dive |
| CVE-2024-12128 | Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal <= 3.1.2 - Reflected Cross-Site Scripting via monthly_sales_current_year Parameter | nshowketgmailcom | Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal | Medium | 6.1 | 2024-12-07 09:27:06 | Deep Dive |
| CVE-2024-12253 | Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update / Data Access | nshowketgmailcom | Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal | Medium | 5.4 | 2024-12-07 09:26:01 | Deep Dive |
| CVE-2024-53750 | WordPress PayPal Responder plugin <= 1.2 - CSRF to Stored XSS vulnerability | Maeve Lander | PayPal Responder | High | 7.1 | 2024-12-01 21:21:04 | Deep Dive |
| CVE-2024-11103 | Contest Gallery <= 24.0.7 - Unauthenticated Arbitrary Password Reset to Privilege Escalation/Account Takeover | contest-gallery | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | Critical | 9.8 | 2024-11-28 09:47:09 | Deep Dive |
| CVE-2024-11362 | Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net <= 1.112.0 - Reflected Cross-Site Scripting | peachpay | PeachPay — Payments & Express Checkout for WooCommerce (supports Stripe, PayPal, Square, Authorize.net, NMI) | Medium | 6.1 | 2024-11-23 03:25:50 | Deep Dive |