CVE-2025-47517 — Cross-Site Request Forgery in Accept Donations With Paypal

CWE-352 — Cross-Site Request Forgery3 documents3 sources

Severity

6.1MEDIUMNVD

EPSS

0.1%

top 76.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wpplugin Accept Donations With Paypal Scott Paterson Accept Donations With Paypal Stripe

Timeline

PublishedMay 7

Description

Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Accept Donations with PayPal & Stripe easy-paypal-donation allows Stored XSS.This issue affects Accept Donations with PayPal & Stripe: from n/a through <= 1.4.5.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

▶CVEListV5scott_paterson/accept_donations_with_paypal_stripe1.4.5

▶NVDwpplugin/accept_donations_with_paypal< 1.5

🔴Vulnerability Details

GHSA

GHSA-3qgh-jp39-263h: Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Accept Donations with PayPal allows Stored XSS↗2025-05-07

▶

CVEList

WordPress Accept Donations with PayPal plugin <= 1.4.5 - CSRF to Stored XSS vulnerability↗2025-05-07

▶