cpe:/a:payment_form_for_paypal_pro_project:payment_form_for_paypal_pro:1.0.1::~~~wordpress~~ CVE-2015-7666 2017-12-27T14:29:00.317-05:00 2018-01-11T13:46:53.370-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2018-01-10T13:27:43.897-05:00 BUGTRAQ 20151004 Multiple Reflected XSS in Payment Form for PayPal Pro version 1.0.1 WordPress plugin CONFIRM https://plugins.trac.wordpress.org/changeset/1254452/payment-form-for-paypal-pro CONFIRM https://wordpress.org/plugins/payment-form-for-paypal-pro/#developers MISC https://wpvulndb.com/vulnerabilities/8210 Multiple cross-site scripting (XSS) vulnerabilities in the (1) cp_updateMessageItem and (2) cp_deleteMessageItem functions in cp_ppp_admin_int_message_list.inc.php in the Payment Form for PayPal Pro plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the cal parameter.