The Simple Payment Donations & Subscriptions WordPress...
High severity
Unreviewed
Published
Sep 6, 2022
to the GitHub Advisory Database
•
Updated Jan 29, 2023
Description
Published by the National Vulnerability Database
Sep 5, 2022
Published to the GitHub Advisory Database
Sep 6, 2022
Last updated
Jan 29, 2023
The Simple Payment Donations & Subscriptions WordPress plugin before 4.2.1 does not sanitise and escape user input given in its forms, which could allow unauthenticated attackers to perform Cross-Site Scripting attacks against admins
References