Vulnerabilities and security researches forpardakht-delkhah pardakht-delkhah

Jun 07, 2024

CVE, Research URL: CVE-2022-4307
Home page URL: Security reports for پلاگین پرداخت دلخواه
Application: پلاگین پرداخت دلخواه
Date: Jan 23, 2023
Research Description: The پلاگین پرداخت دلخواه WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin.
Affected versions: max 2.9.3.
Status: vulnerable

Aug 01, 2024

CVE, Research URL: CVE-2024-6230
Home page URL: Security reports for پلاگین پرداخت دلخواه
Application: پلاگین پرداخت دلخواه
Date: Jul 30, 2024
Research Description: The ?????? ?????? ?????? WordPress plugin through 2.9.8 does not have CSRF check in place when resetting its form fields, which could allow attackers to make a logged in admin perform such action via a CSRF attack
Affected versions: max 2.9.8.
Status: vulnerable

Jan 11, 2026

CVE, Research URL: CVE-2025-62101
Home page URL: Security reports for پلاگین پرداخت دلخواه
Application: پلاگین پرداخت دلخواه
Date: Dec 31, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Omid Shamloo Pardakht Delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through 3.0.0.
Affected versions: max 3.0.0.
Status: vulnerable