cleantalk
Vulnerabilities and Security Researches

Subscriptions & Memberships for PayPal, 34ea00d1-3f45-4550-9d22-5a966e9c01b9

CVE, Research URL

34ea00d1-3f45-4550-9d22-5a966e9c01b9

Home page URL

Security reports for Subscriptions & Memberships for PayPal

Application

Subscriptions & Memberships for PayPal

Published on
-
Research Description
Subscriptions &amp; Memberships for PayPal [subscriptions-memberships-for-paypal] < 1.1.3 Multiple Plugins from WPPlugin - Reflected Cross-Site Scripting via page Parameter The plugins do not escape a page parameter before outputting it back in an attribute in various admin pages, leading to Reflected Cross-Site Scripting issues. The issues were reported to the vendor on August 10th, 2021
Affected versions
max 1.1.3.
Status
vulnerable
Previous vulnerability researches
Elizaibots (CVE-2025-49893) , Aug 20, 2025
Elizaibots (abcf8d2a13b3fd2324a04f9724e5ac9347743677) , Jun 16, 2026
New vulnerability
Crelly Slider (939a309f-af0e-4ad4-bd25-c00884d64244) , Jun 16, 2026
Crelly Slider (317d0c1690e157db08672ce6e5d57d3de655f951) , Jun 16, 2026
Crelly Slider (f4ed15eda2d328c370f89897d7101137944dcdfb) , Jun 16, 2026
Woopra Analytics Plugin (ef76bfd9d1cbccf014412cf89b16db92db63e452) , Jun 16, 2026
Woopra Analytics Plugin (fe88ceff285c097ba508b1fb87390208ea8a4660) , Jun 16, 2026