WordPress Plugin Vulnerabilities

Simple Paypal Shopping Cart <= 3.5 - Cross-Site Request Forgery (CSRF)

Description

The WordPress Simple PayPal Shopping Cart WordPress plugin was affected by a Cross-Site Request Forgery (CSRF) security vulnerability.

Affects Plugins

Plugin icon
wordpress-simple-paypal-shopping-cart
Fixed in 3.6

References

CVE
CVE-2013-2705

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Verified
No
WPVDB ID
b81ddb81-e8ab-4ee9-9943-0ea85e417129

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2023-02-28
Title
WoodMart < 7.1.2 - License Update/Deactivation via CSRF
Published
2024-04-01
Title
SecuPress Free — WordPress Security < 2.2.5.2 - Cross-Site Request Forgery to Banned IP Address
Published
2024-12-12
Title
Youtube Video Grid <= 1.9 - Cross-Site Request Forgery
Published
2025-02-24
Title
Photo Gallery ( Responsive ) <= 4.0 - Cross-Site Request Forgery to Privilege Escalation
Published
2023-08-02
Title
Upload Media By URL < 1.0.8 - Stored XSS via CSRF