Description
WordPress Plugin Accept Stripe Donation-AidWP is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently make unauthorized AJAX calls and access the debug logs. WordPress Plugin Accept Stripe Donation-AidWP version 2.8 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.9 or latest
References
https://sploitus.com/exploit?id=WPEX-ID:6DAE6DCA-7474-4008-9FE5-4C62B9F12D0A
https://plugins.svn.wordpress.org/wp-stripe-donation/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.11)
Play Framework Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3630)
WordPress Plugin Photospace Gallery Cross-Site Scripting (2.3.5)
OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4044)
WordPress Plugin Latest Posts by BestWebSoft Cross-Site Scripting (0.2)