
CVE-2025-68602: URL Redirection to Untrusted Site ('Open Redirect') in Scott Paterson Accept Donations with PayPal

Published: Wed Dec 24 2025 (12/24/2025, 13:10:47 UTC)
Source: CVE Database V5
Vendor/Project: Scott Paterson
Product: Accept Donations with PayPal

Description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Scott Paterson Accept Donations with PayPal easy-paypal-donation allows Phishing. This issue affects Accept Donations with PayPal: from n/a through <= 1.5.1.

AI-Powered Analysis

Last updated: 12/24/2025, 13:42:55 UTC

Technical Analysis

CVE-2025-68602 identifies an open redirect vulnerability in the 'Accept Donations with PayPal' WordPress plugin developed by Scott Paterson, affecting all versions up to and including 1.5.1. Open redirect vulnerabilities occur when an application accepts a user-controlled input that specifies a URL to which the user is redirected after an action, without proper validation. In this case, the plugin fails to properly validate or restrict redirect URLs, allowing attackers to craft malicious URLs that appear legitimate but redirect users to untrusted external sites. This can be exploited in phishing campaigns where attackers send links that seem to originate from a trusted donation site but lead victims to malicious pages designed to steal credentials or distribute malware. The vulnerability does not require authentication, increasing its risk profile, but does require user interaction to click the malicious link. Although no known exploits have been reported in the wild, the vulnerability is publicly disclosed and could be targeted by attackers. The lack of a CVSS score indicates that the vulnerability is newly published and not yet fully assessed. The plugin is commonly used by organizations to facilitate PayPal donations on their websites, making it a relevant target for attackers aiming to compromise donor trust or redirect traffic for malicious purposes.

Potential Impact

For European organizations using the 'Accept Donations with PayPal' plugin, this vulnerability can lead to significant reputational damage if donors are redirected to phishing or malware sites. Confidentiality of donor information could be compromised if attackers use the redirect to harvest credentials or payment details. The integrity of the donation process is undermined, potentially leading to financial losses or donor mistrust. Availability is less directly impacted, but user trust and website credibility may suffer, reducing donation volumes. Nonprofits and charities relying on online donations are particularly vulnerable. The phishing vector enabled by this vulnerability can also be leveraged in broader social engineering campaigns targeting European users. Given the widespread use of WordPress and PayPal donation plugins in Europe, the potential scale of impact is considerable, especially in countries with active charitable sectors and high online donation volumes.

Mitigation Recommendations

Organizations should monitor for an official patch from the plugin vendor and apply updates promptly once available. In the interim, administrators can implement strict validation of redirect URLs by modifying plugin code or using web application firewalls (WAFs) to block suspicious redirect parameters. Educate users and donors to be cautious of unexpected redirects and to verify URLs before clicking. Employ security headers such as Content Security Policy (CSP) to restrict navigation to trusted domains. Regularly audit website plugins for vulnerabilities and remove or replace plugins that are no longer maintained or patched. Consider implementing multi-factor authentication for administrative access to reduce the risk of plugin tampering. Finally, monitor web traffic and logs for unusual redirect patterns that may indicate exploitation attempts.
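The "strict validation of redirect URLs" recommended above, written out as an added PHP example; this is not the plugin's or the page's own code, and the parameter name `return_url` and the helper's name are assumptions. It accepts only same-site destinations and falls back to the site root for anything else, covering the protocol-relative, backslash and scheme-only forms that a naive "starts with /" check misses.

```php
<?php
// Added example (not the plugin's code): validate a user-supplied "return to" URL
// before redirecting. The `return_url` parameter name is an assumption.

/**
 * Return $candidate only if it is a same-site destination; otherwise $fallback.
 * Rejects: empty input, backslashes and control characters (/\evil.example, CRLF),
 * protocol-relative forms (//evil.example, ///evil.example), scheme-only forms
 * (https:evil.example), credentials in the URL, and any host other than $site_host.
 */
function example_validate_return_url(string $candidate, string $site_host, string $fallback = '/'): string
{
    $candidate = trim($candidate);
    if ($candidate === '' || strpbrk($candidate, "\\\r\n\t\0") !== false) {
        return $fallback;                       // empty, backslash, CR/LF or NUL present
    }
    if (strncmp($candidate, '//', 2) === 0) {
        return $fallback;                       // //host and ///host resolve off-site in browsers
    }
    $parts = parse_url($candidate);
    if ($parts === false) {
        return $fallback;                       // unparseable input
    }
    if (isset($parts['scheme'])) {
        // Absolute URL: only http(s), only our exact host, no user:pass@ prefix.
        $ok = in_array(strtolower($parts['scheme']), ['http', 'https'], true)
            && isset($parts['host']) && strcasecmp($parts['host'], $site_host) === 0
            && !isset($parts['user']) && !isset($parts['pass']);
        return $ok ? $candidate : $fallback;
    }
    if (isset($parts['host'])) {
        return $fallback;                       // authority without scheme: off-site
    }
    $path = $parts['path'] ?? '';
    if ($path === '' || $path[0] !== '/') {
        return $fallback;                       // "evil.example" or "https:evil.example"
    }
    return $candidate;                          // same-origin absolute path, e.g. /thank-you/
}

// Illustrative hardened handler inside a WordPress plugin (assumed parameter name):
// $target = example_validate_return_url(
//     wp_unslash($_GET['return_url'] ?? ''),
//     wp_parse_url(home_url(), PHP_URL_HOST),
//     home_url('/')
// );
// wp_safe_redirect($target);   // wp_safe_redirect() also enforces WordPress's allowed_redirect_hosts
// exit;
```

In WordPress code, `wp_safe_redirect()` (rather than `wp_redirect()`) already restricts destinations to the site's own host and any hosts added via the `allowed_redirect_hosts` filter; the function above adds the same guarantee for code paths that build the redirect target themselves.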


Technical Details

Data Version: 5.2
Assigner Short Name: Patchstack
Date Reserved: 2025-12-19T10:20:05.496Z
CVSS Version: null
State: PUBLISHED

Threat ID: 694bea25279c98bf57f7546f

Added to database: 12/24/2025, 1:27:01 PM

Last enriched: 12/24/2025, 1:42:55 PM

Last updated: 12/24/2025, 4:04:59 PM


