VYPR

Givewp

by Givewp

Source repositories

CVEs (45)

  • CVE-2024-5941Aug 20, 2024
    risk 0.00cvss epss 0.00

    The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'handle_request' function in all versions up to, and including, 3.14.1. This makes it possible for…

  • CVE-2024-37099Aug 19, 2024
    risk 0.00cvss epss 0.01

    Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This issue affects GiveWP: from n/a through 3.14.1.

  • CVE-2024-5977Jul 19, 2024
    risk 0.00cvss epss 0.00

    The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.13.0 via the 'handleRequest' function due to missing validation on a user controlled key. This makes it possible…

  • CVE-2023-41665May 17, 2024
    risk 0.00cvss epss 0.01

    Improper Privilege Management vulnerability in GiveWP allows Privilege Escalation.This issue affects GiveWP: from n/a through 2.33.0.

  • CVE-2023-23668May 8, 2023
    risk 0.00cvss epss 0.00

    Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in GiveWP plugin <= 2.25.1 versions.

Page 3 of 3