cleantalk
Vulnerabilities and Security Researches

پلاگین پرداخت دلخواه, CVE-2022-4307

CVE, Research URL

CVE-2022-4307

Home page URL

Security reports for پلاگین پرداخت دلخواه

Application

پلاگین پرداخت دلخواه

Published on
Jan 23, 2023
Research Description
The پلاگین پرداخت دلخواه WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin.
Affected versions
max 2.9.3.
Status
vulnerable
Previous vulnerability researches
پلاگین پرداخت دلخواه (CVE-2025-62101) , Jan 11, 2026
پلاگین پرداخت دلخواه (CVE-2024-6230) , Aug 01, 2024
پلاگین پرداخت دلخواه (CVE-2022-4307) , Jun 07, 2024
New vulnerability
Pure WC Variation Swatches (CVE-2025-12820) , Jan 11, 2026
WP Scraper (CVE-2025-62088) , Jan 11, 2026
Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button – Bit As (CVE-2025-68596) , Jan 11, 2026
Free Follow-Up Emails & Marketing Automation for WooCommerce – ShopMagic (CVE-2025-69093) , Jan 11, 2026
SALESmanago (CVE-2025-68571) , Jan 11, 2026