VYPR

Donation Forms by Charitable

by WordPress

Source repositories

CVEs (3)

  • CVE-2023-4404CriAug 23, 2023
    risk 0.64cvss 9.8epss 0.01

    The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the 'update_core_user' function. This makes it possible for unauthenticated attackers to specify their user…

  • CVE-2024-8791CriSep 24, 2024
    risk 0.57cvss 9.8epss 0.01

    The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. This is due to the plugin not properly verifying a user's identity when the ID…

  • CVE-2023-47816MedNov 22, 2023
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Charitable Donations & Fundraising Team Donation Forms by Charitable plugin <= 1.7.0.13 versions.