CVE-2023-25714 – Quick Paypal Payments <= 5.7.25 - Missing Authorization

https://notcve.org/view.php?id=CVE-2023-25714

The Quick Paypal Payments plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and nonce check on the 'download_logs' function in versions up to, and including, 5.7.25. This allows unauthenticated attackers to export and delete payment messages and modify payment message options. • CWE-862: Missing Authorization •