cleantalk
Vulnerabilities and Security Researches

Subscriptions & Memberships for PayPal, 93092747cf40140ada459f840e7a4eb5b10bc273

CVE, Research URL

93092747cf40140ada459f840e7a4eb5b10bc273

Home page URL

Security reports for Subscriptions & Memberships for PayPal

Application

Subscriptions & Memberships for PayPal

Published on
May 25, 2022
Research Description
Subscriptions &amp; Memberships for PayPal [subscriptions-memberships-for-paypal] < 1.1.6 Subscriptions & Memberships for PayPal <= 1.1.5 - Reflected Cross-Site Scripting The Subscriptions & Memberships for PayPal plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Several additional security fixes were made up to version 1.1.6.
Affected versions
max 1.1.6.
Status
vulnerable
Previous vulnerability researches
Subscriptions &amp; Memberships for PayPal (CVE-2024-13560) , Feb 27, 2025
Subscriptions &amp; Memberships for PayPal (0e8c5f64cd19a4c34cdb988232fabeb3e5e31fb4) , Jun 07, 2024
Subscriptions &amp; Memberships for PayPal (CVE-2025-66107) , Dec 11, 2025
Subscriptions &amp; Memberships for PayPal (CVE-2025-12752) , Dec 11, 2025
Subscriptions &amp; Memberships for PayPal (93092747cf40140ada459f840e7a4eb5b10bc273) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026