{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T09:10:04.203","vulnerabilities":[{"cve":{"id":"CVE-2025-14463","sourceIdentifier":"security@wordfence.com","published":"2026-01-17T04:16:07.593","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Payment Button for PayPal plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 1.2.3.41. This is due to the plugin exposing a public AJAX endpoint (`wppaypalcheckout_ajax_process_order`) that processes checkout results without any authentication or server-side verification of the PayPal transaction. This makes it possible for unauthenticated attackers to create arbitrary orders on the site with any chosen transaction ID, payment status, product name, amount, or customer information via direct POST requests to the AJAX endpoint, granted they can bypass basic parameter validation. If email sending is enabled, the plugin will also trigger purchase receipt emails to any email address supplied in the request, leading to order database corruption and unauthorized outgoing emails without any real PayPal transaction taking place."},{"lang":"es","value":"El plugin Payment Button para PayPal para WordPress es vulnerable a la creación de pedidos no autorizados en todas las versiones hasta la 1.2.3.41, inclusive. Esto se debe a que el plugin expone un endpoint AJAX público ('wppaypalcheckout_ajax_process_order') que procesa los resultados de la compra sin ninguna autenticación o verificación por parte del servidor de la transacción de PayPal. Esto hace posible que atacantes no autenticados creen pedidos arbitrarios en el sitio con cualquier ID de transacción, estado de pago, nombre de producto, cantidad o información del cliente elegidos a través de solicitudes POST directas al endpoint AJAX, siempre que puedan eludir la validación básica de parámetros. Si el envío de correos electrónicos está habilitado, el plugin también activará correos electrónicos de recibo de compra a cualquier dirección de correo electrónico proporcionada en la solicitud, lo que lleva a la corrupción de la base de datos de pedidos y a correos electrónicos salientes no autorizados sin que se realice ninguna transacción real de PayPal."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/wp-paypal/tags/1.2.3.41/wp-paypal-checkout.php#L249","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-paypal/tags/1.2.3.41/wp-paypal.php#L70","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-paypal/trunk/wp-paypal-checkout.php#L249","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-paypal/trunk/wp-paypal.php#L70","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3431974%40wp-paypal&new=3431974%40wp-paypal&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/814e50de-3690-4adf-bc01-a63cd71bd1cf?source=cve","source":"security@wordfence.com"}]}}]}
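Added illustration of the weakness class the record describes (CWE-862, a public `wp_ajax_nopriv_` handler that trusts client-supplied checkout results). This is example code written for this page, not the wp-paypal plugin's own handler, and it does not claim to reproduce the referenced source lines. The first function shows the vulnerable shape; the second shows the hardened shape, where the browser supplies only a PayPal order ID and every other fact (status, amount, payer email) is fetched from PayPal's Orders v2 API with the site's own credentials. Function names prefixed `example_`, the option keys, the custom orders table and the price catalog are assumptions.

```php
<?php
// Added example, not the plugin's code. Hook name is the one named in the CVE;
// everything prefixed example_ is assumed for illustration.

// VULNERABLE SHAPE: sanitization strips markup, but nothing proves PayPal ever
// saw this transaction, so an unauthenticated POST can invent the whole order.
function example_process_order_unsafe() {
    $order = array(
        'paypal_order_id' => sanitize_text_field(wp_unslash($_POST['txn_id'] ?? '')),
        'status'          => sanitize_text_field(wp_unslash($_POST['status'] ?? '')),
        'sku'             => sanitize_text_field(wp_unslash($_POST['product'] ?? '')),
        'amount'          => sanitize_text_field(wp_unslash($_POST['amount'] ?? '')),
        'email'           => sanitize_email(wp_unslash($_POST['email'] ?? '')),
    );
    example_store_order($order);                       // attacker-chosen row lands in the DB
    wp_mail($order['email'], 'Your receipt', 'Order ' . $order['paypal_order_id']); // attacker-chosen recipient
    wp_send_json_success();
}

// HARDENED SHAPE: the endpoint stays public (guests may buy), but the only
// client-controlled input is the PayPal order ID; all other fields come from PayPal.
add_action('wp_ajax_nopriv_wppaypalcheckout_ajax_process_order', 'example_process_order_verified');
add_action('wp_ajax_wppaypalcheckout_ajax_process_order', 'example_process_order_verified');
function example_process_order_verified() {
    $paypal_order_id = sanitize_text_field(wp_unslash($_POST['order_id'] ?? ''));
    if (!preg_match('/^[A-Z0-9]{10,20}$/', $paypal_order_id)) {
        wp_send_json_error('bad order id', 400);
    }
    if (example_order_exists($paypal_order_id)) {      // one local order per PayPal order (replay guard)
        wp_send_json_error('already processed', 409);
    }
    $remote = example_paypal_get_order($paypal_order_id);
    if (!$remote || ($remote['status'] ?? '') !== 'COMPLETED') {
        wp_send_json_error('payment not completed', 402);
    }
    $unit = $remote['purchase_units'][0] ?? array();
    $sku  = $unit['reference_id'] ?? '';                // set by the site when the order was created
    $catalog = example_catalog();                       // server-side price list; the client never sets the amount
    if (!isset($catalog[$sku])) {
        wp_send_json_error('unknown product', 400);
    }
    $paid = $unit['amount'] ?? array();
    if (($paid['currency_code'] ?? '') !== $catalog[$sku]['currency']
        || abs((float) ($paid['value'] ?? 0) - (float) $catalog[$sku]['price']) > 0.005) {
        wp_send_json_error('amount mismatch', 400);
    }
    $email = sanitize_email($remote['payer']['email_address'] ?? '');
    example_store_order(array(
        'paypal_order_id' => $paypal_order_id,
        'status'          => 'COMPLETED',
        'sku'             => $sku,
        'amount'          => $paid['value'],
        'email'           => $email,
    ));
    if ($email !== '' && is_email($email)) {           // receipt goes only to the payer PayPal reports
        wp_mail($email, 'Your receipt', 'Order ' . $paypal_order_id);
    }
    wp_send_json_success(array('order_id' => $paypal_order_id));
}

// Server-to-server lookup: client credentials live in site options, never in the browser.
// Assumed option keys; endpoints are PayPal's OAuth2 token and Orders v2 APIs.
function example_paypal_get_order($order_id) {
    $base  = get_option('example_paypal_sandbox') ? 'https://api-m.sandbox.paypal.com' : 'https://api-m.paypal.com';
    $creds = base64_encode(get_option('example_paypal_client_id') . ':' . get_option('example_paypal_secret'));
    $tok = wp_remote_post($base . '/v1/oauth2/token', array(
        'headers' => array('Authorization' => 'Basic ' . $creds),
        'body'    => array('grant_type' => 'client_credentials'),
        'timeout' => 15,
    ));
    if (is_wp_error($tok) || wp_remote_retrieve_response_code($tok) !== 200) {
        return null;
    }
    $access = json_decode(wp_remote_retrieve_body($tok), true)['access_token'] ?? '';
    $res = wp_remote_get($base . '/v2/checkout/orders/' . rawurlencode($order_id), array(
        'headers' => array('Authorization' => 'Bearer ' . $access),
        'timeout' => 15,
    ));
    if (is_wp_error($res) || wp_remote_retrieve_response_code($res) !== 200) {
        return null;
    }
    return json_decode(wp_remote_retrieve_body($res), true);
}

// Assumed storage helpers: a custom table {prefix}example_orders with a UNIQUE key on paypal_order_id.
function example_order_exists($paypal_order_id) {
    global $wpdb;
    $table = $wpdb->prefix . 'example_orders';
    return (bool) $wpdb->get_var($wpdb->prepare("SELECT 1 FROM {$table} WHERE paypal_order_id = %s", $paypal_order_id));
}
function example_store_order(array $order) {
    global $wpdb;
    $wpdb->insert($wpdb->prefix . 'example_orders', $order);
}
function example_catalog() {                          // assumed catalog, constructed for the example
    return array('book-001' => array('price' => '12.00', 'currency' => 'USD'));
}
```

The check that matters is the one the record says is missing: the site asks PayPal what was paid instead of believing the browser. A nonce alone would not close this hole, since the legitimate checkout page is itself unauthenticated and would have to hand the nonce to anyone; pairing a UNIQUE key on the PayPal order ID with the `example_order_exists` lookup also stops one real payment from being replayed into several local orders.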