CVE-2023-1465

Name of the Vulnerable Software and Affected Versions WP EasyPay WordPress plugin versions prior to 4.1

Description The issue is related to Reflected Cross-Site Scripting, where some generated URLs are not properly escaped before being outputted back in pages. This could be used against high-privilege users, such as admins.

Recommendations For versions prior to 4.1, update to version 4.1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive pages or disabling potentially vulnerable features until the update is applied.