WP Easy Pay – Payment and Donation form Builder for Square

Vulnerabilities 14Slug wp-easy-payLatest version 4.4.0WordPress.org →

Minimum safe version

4.2.12

Update to 4.2.12 or later to address 14 fixable vulnerabilities

Latest available4.4.0 ✓

Medium 5.4

2026-03-16< 4.2.12

CVE-2026-32587

CVE Wordfence

Medium 6.3

2024-10-16< 4.0.2

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

Medium 6.5

2024-07-24< 4.2.4

CVE-2024-5861

CVE Patchstack Wordfence

N/A

2023-07-18< 4.2

WordPress WP EasyPay Plugin <= 4.1 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

Medium 4.3

2023-07-12< 3.2.3

CVE-2021-4411

CVE Wordfence WPScan

N/A

2023-06-07< 3.2.3

CVE-2021-4342

CVE

Medium 6.1

2023-08-16< 4.1

CVE-2023-1465

CVE Patchstack Wordfence WPScan

Medium 4.3

2023-05-25< 4.1

CVE-2022-47177

CVE Patchstack Wordfence WPScan

N/A

< 3.2.3

Various Affected Software (Various Versions) - Cross-Site Request Forgery Bypass

Wordfence

N/A

2022-03-04< 4.0.2

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

N/A

< 3.2.1

CSRF Bypass in Multiple Plugins

WPScan

N/A

2021-07-05< 3.2.3

WordPress WP EasyPay plugin <= 3.2.0 - Cross-Site Request Forgery (CSRF) vulnerability

Patchstack

N/A

2022-02-28< 4.0.2

WordPress WP EasyPay plugin < 4.0.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack

N/A

2022-02-28< 4.0.2

WordPress WP EasyPay plugin < 4.0.2 - Sensitive Information Disclosure vulnerability

Patchstack