| CVE-2024-41670 | PayPal Official Module for PrestaShop has Improperly Implemented Security Check for Standard | 202ecommerce | paypal | High | 7.5 | 2024-07-26 14:46:14 | Deep Dive |
| CVE-2024-5448 | PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode <= 1.7 - Contributor+ Stored XSS | Unknown | PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode | 中危 | - | 2024-06-21 06:00:07 | Deep Dive |
| CVE-2024-5447 | PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode <= 1.7 - Admin+ Stored XSS | Unknown | PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode | 中危 | - | 2024-06-21 06:00:06 | Deep Dive |
| CVE-2024-35676 | WordPress Recurring PayPal Donations plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability | wpecommerce | Recurring PayPal Donations | Medium | 6.5 | 2024-06-08 16:05:41 | Deep Dive |
| CVE-2023-27460 | WordPress CP Contact Form with PayPal plugin <= 1.3.34 - Missing Authorization Leading To Feedback Submission vulnerability | CodePeople, paypaldev | CP Contact Form with Paypal | Medium | 4.3 | 2024-06-03 22:01:44 | Deep Dive |
| CVE-2024-3065 | PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode <= 1.7 - Authenticated (Admin+) Stored Cross-Site Scripting | mohsinrasool | PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode | Medium | 4.4 | 2024-05-23 01:56:20 | Deep Dive |
| CVE-2024-30527 | WordPress WP Express Checkout plugin <= 2.3.7 - Price Manipulation vulnerability | Tips and Tricks HQ | WP Express Checkout (Accept PayPal Payments) | High | 7.5 | 2024-05-17 08:21:00 | Deep Dive |
| CVE-2024-29130 | WordPress Contact Form 7 – PayPal & Stripe Add-on plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability | Scott Paterson | Contact Form 7 – PayPal & Stripe Add-on | High | 7.1 | 2024-03-19 13:55:18 | Deep Dive |
| CVE-2023-51683 | WordPress Easy PayPal Buy Now Button Plugin <= 1.8.1 is vulnerable to Cross Site Request Forgery (CSRF) | Scott Paterson | Easy PayPal & Stripe Buy Now Button | Medium | 5.4 | 2024-02-28 16:45:07 | Deep Dive |
| CVE-2024-1719 | Easy PayPal & Stripe Buy Now Button <= 1.8.3 & Contact Form 7 – PayPal & Stripe Add-on <= 2.1 - Cross-Site Request Forgery to Settings Update | scottpaterson | Easy PayPal & Stripe Buy Now Button | Medium | 4.3 | 2024-02-28 09:33:35 | Deep Dive |
| CVE-2023-47239 | WordPress Easy PayPal Shopping Cart Plugin <= 1.1.10 is vulnerable to Cross Site Scripting (XSS) | Scott Paterson | Easy PayPal Shopping Cart | Medium | 6.5 | 2023-11-16 18:58:14 | Deep Dive |
| CVE-2023-24405 | WordPress Contact Form 7 – PayPal & Stripe Add-on Plugin <= 1.9.3 is vulnerable to Cross Site Request Forgery (CSRF) | Scott Paterson | Contact Form 7 – PayPal & Stripe Add-on | Medium | 5.4 | 2023-07-10 11:58:09 | Deep Dive |
| CVE-2023-35917 | WordPress WooCommerce PayPal Payments Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF) | WooCommerce | WooCommerce PayPal Payments | Medium | 4.3 | 2023-06-22 11:47:53 | Deep Dive |
| CVE-2023-2406 | Event Registration Calendar By vcita <= 1.3.1 & Online Payments – Get Paid with PayPal, Square & Stripe <= 3.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | vcita | Event Registration Calendar By vcita | Medium | 6.4 | 2023-06-03 04:35:13 | Deep Dive |
| CVE-2023-2407 | Event Registration Calendar By vcita <= 1.3.1 & Online Payments – Get Paid with PayPal, Square & Stripe <= 3.10.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | vcita | Event Registration Calendar By vcita | Medium | 6.1 | 2023-06-03 04:35:13 | Deep Dive |
| CVE-2023-23785 | WordPress Exquisite PayPal Donation Plugin <= v2.0.0 is vulnerable to Cross Site Scripting (XSS) | DgCult | Exquisite PayPal Donation | Medium | 5.9 | 2023-05-03 14:12:59 | Deep Dive |
| CVE-2023-1554 | Quick Paypal Payments < 5.7.26.4 - Admin+ Stored XSS | Unknown | Quick Paypal Payments | 中危 | - | 2023-05-02 07:04:51 | Deep Dive |
| CVE-2023-23889 | WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS) | Fullworks | Quick Paypal Payments | Medium | 6.5 | 2023-04-25 19:24:44 | Deep Dive |
| CVE-2023-22686 | WordPress Nice PayPal Button Lite Plugin <= 1.3.5 is vulnerable to Cross Site Request Forgery (CSRF) | TriniTronic | Nice PayPal Button Lite | Medium | 5.4 | 2023-04-23 11:22:41 | Deep Dive |
| CVE-2023-25713 | WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS) | Fullworks | Quick Paypal Payments | High | 7.1 | 2023-04-07 12:54:32 | Deep Dive |