vulnerability
WordPress Plugin: easy-paypal-donation: CVE-2021-24989: Cross-Site Request Forgery (CSRF)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Dec 9, 2021 | May 15, 2025 | May 15, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Dec 9, 2021
Added
May 15, 2025
Modified
May 15, 2025
Description
The Accept Donations with PayPal WordPress plugin before 1.3.4 does not have CSRF check in place and does not ensure that the post to be deleted belongs to the plugin, allowing attackers to make a logged in admin delete arbitrary posts from the blog
Solution
easy-paypal-donation-plugin-cve-2021-24989

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.