cleantalk
Vulnerabilities and Security Researches

Stripe Payment forms for WordPress Plugin – WP Full Pay, CVE-2023-28934

CVE, Research URL

CVE-2023-28934

Home page URL

Security reports for Stripe Payment forms for WordPress Plugin – WP Full Pay

Application

Stripe Payment forms for WordPress Plugin – WP Full Pay

Published on
Aug 08, 2023
Research Description
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mammothology WP Full Stripe Free plugin <= 1.6.1 versions.
Affected versions
max 7.0.6.
Status
vulnerable
Previous vulnerability researches
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2023-47667) , Jun 10, 2024
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2025-58789) , Sep 08, 2025
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2023-46088) , Jun 10, 2024
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2025-9322) , Nov 11, 2025
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2023-28934) , Jun 10, 2024
New vulnerability
Ultimate Blocks &#8211; WordPress Blocks Plugin (CVE-2025-49929) , Nov 11, 2025
URL Shortener Plugin For WordPress (CVE-2025-10740) , Nov 11, 2025
Preserve Code Formatting (CVE-2025-49386) , Nov 11, 2025
External Login (CVE-2025-11177) , Nov 11, 2025
External Login (CVE-2025-11196) , Nov 11, 2025