1 results (0.006 seconds)

CVSS: 7.3EPSS: %CPEs: 1EXPL: 0

The Quick Paypal Payments plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and nonce check on the 'download_logs' function in versions up to, and including, 5.7.25. This allows unauthenticated attackers to export and delete payment messages and modify payment message options. • CWE-862: Missing Authorization •