CVE-2021-47948 - WordPress GetPaid Plugin 2.4.6 HTML Injection via Help Text
CVE ID :CVE-2021-47948 Published : May 10, 2026, 12:44 p.m. | 20 minutes ago Description :WordPress GetPaid Plugin 2.4.6 contains an HTML injection vulnerability that allows authenticated attackers to inject arbitrary HTML code by exploiting the Help Text field in payment forms. Attackers can
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Summer Travel Is a Mess. The Points Guy Tells Us How to Hack It
- [CYBER] Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
- [CYBER] CVE-2021-47953 - OpenCart 3.0.3.7 Cross-Site Request Forgery via account/password
- [CYBER] CVE-2021-47951 - WordPress Picture Gallery 1.4.2 Stored XSS via Edit Content URL
- [CYBER] CVE-2021-47950 - Advanced Guestbook 2.4.4 Persistent XSS via Smilies
- [CYBER] CVE-2021-47949 - CyberPanel 2.1 Authenticated Remote Code Execution via Symlink Attack