Amini7 Zarinpal_paid_download

2 CVEs affecting Amini7 Zarinpal_paid_download. Latest disclosed: 2025-02-11. Critical: 0, High: 0.

Top CVEs affecting Amini7 Zarinpal_paid_download
CVESeverityScorePublishedSummary
CVE-2024-13543Medium6.12025-02-11The Zarinpal Paid Download WordPress plugin through 2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected…
CVE-2024-13544Medium4.82025-02-11The Zarinpal Paid Download WordPress plugin through 2.3 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitr…