CVE-2025-68602
Published 2025-12-24
Priority: P4 · 27 · medium · 4.7 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
EXPLOIT
EPSS: 0.45% (35.7th percentile)
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Scott Paterson Accept Donations with PayPal & Stripe easy-paypal-donation allows Phishing. This issue affects Accept Donations with PayPal & Stripe: from n/a through <= 1.5.2.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| scott_paterson | accept_donations_with_paypal_stripe | <= 1.5.2 | — |
No detection rules found.
Nuclei
Accept Donations with PayPal <= 1.5.2 - Open Redirect
nuclei·CVSS 6.1
CVE-2025-68602 [MEDIUM] Accept Donations with PayPal <= 1.5.2 - Open Redirect
The Accept Donations with PayPal & Stripe plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.5.2. This is due to insufficient validation of the supplied redirect URL. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
Template:

```yaml
id: CVE-2025-68602

info:
  name: Accept Donations with PayPal <= 1.5.2 - Open Redirect
  author: Shivam Kamboj
  severity: medium
  description: |
    The Accept Donations with PayPal & Stripe plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.5.2. This is due to insufficient validation on the redirect url supplied. This makes i
```