PT-2026-5543 · WordPress · Sell Btc – Cryptocurrency Selling Calculator
Sarawut Poolkhet
·
Published
2026-01-31
·
Updated
2026-02-05
·
CVE-2025-14554
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress versions prior to 1.5.
Description
The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is susceptible to Stored Cross-Site Scripting through the
orderform data AJAX action. Insufficient input sanitization and output escaping allow unauthenticated attackers to inject arbitrary web scripts into order records. These scripts will execute when an administrator views the Orders page within the admin dashboard.Recommendations
Update to a version newer than 1.5.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sell Btc – Cryptocurrency Selling Calculator