PT-2026-5543 · WordPress · Sell Btc – Cryptocurrency Selling Calculator

Sarawut Poolkhet

·

Publicado

2026-01-31

·

Atualizado

2026-02-05

·

CVE-2025-14554

CVSS v3.1

7.2

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress versions prior to 1.5.
Description The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is susceptible to Stored Cross-Site Scripting through the orderform data AJAX action. Insufficient input sanitization and output escaping allow unauthenticated attackers to inject arbitrary web scripts into order records. These scripts will execute when an administrator views the Orders page within the admin dashboard.
Recommendations Update to a version newer than 1.5.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2025-14554

Produtos afetados

Sell Btc – Cryptocurrency Selling Calculator