VYPR

Give

by WordPress

Source repositories

CVEs (4)

  • CVE-2019-20360HigJan 8, 2020
    risk 0.49cvss 7.5epss 0.02

    A flaw in Give before 2.5.5, a WordPress plugin, allowed unauthenticated users to bypass API authentication methods and access personally identifiable user information (PII) including names, addresses, IP addresses, and email addresses. Once an API key has been set to any meta…

  • CVE-2025-67467MedDec 9, 2025
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in StellarWP GiveWP give allows Cross Site Request Forgery.This issue affects GiveWP: from n/a through <= 4.13.1.

  • CVE-2019-15317MedAug 22, 2019
    risk 0.35cvss 5.4epss 0.01

    The give plugin before 2.4.7 for WordPress has XSS via a donor name.

  • CVE-2025-66533MedDec 9, 2025
    risk 0.34cvss 5.3epss 0.00

    Improper Control of Generation of Code ('Code Injection') vulnerability in StellarWP GiveWP give allows Code Injection.This issue affects GiveWP: from n/a through <= 4.13.1.