Vulnerabilities and security researches forget-cash get-cash

Jun 07, 2024

CVE, Research URL: f7d3ee6c55e4d1932e34eb74bb66b25bf509a97f
Home page URL: Security reports for Get Cash
Application: Get Cash
Date: Jul 18, 2023
Research Description: Get Cash [get-cash] < 3.2 WordPress Get Cash Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS) No patched version available. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Get Cash Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.
Affected versions: Min -, max -.
Status: vulnerable

Sep 07, 2025

CVE, Research URL: CVE-2025-58823
Home page URL: Security reports for Get Cash
Application: Get Cash
Date: Sep 05, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The African Boss Get Cash allows Stored XSS. This issue affects Get Cash: from n/a through 3.2.2.
Affected versions: Min -, max -.
Status: vulnerable