CVE Details
Basic Information
| Title | CVE-2025-46543 |
|---|---|
| Type | cve |
| Published | 2025-05-19T17:15:27 |
| Last Seen | 2025-05-19T17:23:39 |
CVSS Information
| Base Score | 6.5 (MEDIUM) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | LOW |
AI Analysis
| AI Description | A stored XSS vulnerability in the Enhanced Paypal Shortcodes plugin allows attackers to inject malicious scripts into web pages. This can lead to unauthorized actions and data theft. The issue stems from improper input neutralization during web page generation. |
|---|---|
| AI Severity | Medium |
| Vendor | WordPress Community |
| Product | Enhanced Paypal Shortcodes |
| Affected Version | n/a |
Additional Information
| CVE List | CVE-2025-46543 |
|---|---|
| CWE List | CWE-79 |
| Bulletin Family | cve |
Description
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Charly Leetham Enhanced Paypal Shortcodes allows Stored XSS. This issue affects Enhanced Paypal Shortcodes: from n/a…
CVSS Score Summary
Base Score: %!f(string=#) (MEDIUM)