1 results (0.006 seconds)
CVSS: 7.3EPSS: %CPEs: 1EXPL: 0
CVE-2023-25714 – Quick Paypal Payments <= 5.7.25 - Missing Authorization
https://notcve.org/view.php?id=CVE-2023-25714
The Quick Paypal Payments plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and nonce check on the 'download_logs' function in versions up to, and including, 5.7.25. This allows unauthenticated attackers to export and delete payment messages and modify payment message options. • CWE-862: Missing Authorization •