Giveasap
by WordPress
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-30819 | Hig | 0.55 | 8.5 | 0.00 | Mar 27, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Igor Benic Simple Giveaways giveasap allows SQL Injection.This issue affects Simple Giveaways: from n/a through <= 2.48.1. | ||
| CVE-2021-24298 | Med | 0.40 | 6.1 | 0.03 | May 24, 2021 | The method and share GET parameters of the Giveaway pages were not sanitised, validated or escaped before being output back in the pages, thus leading to reflected XSS | ||
| CVE-2023-23893 | Med | 0.34 | 5.3 | 0.00 | Dec 9, 2024 | Missing Authorization vulnerability in Igor Benic Simple Giveaways allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Giveaways: from n/a through 2.48.0. | ||
| CVE-2025-47606 | Med | 0.28 | 4.3 | 0.00 | May 7, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple Giveaways giveasap allows Cross Site Request Forgery.This issue affects Simple Giveaways: from n/a through <= 2.49.0. |
- risk 0.55cvss 8.5epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Igor Benic Simple Giveaways giveasap allows SQL Injection.This issue affects Simple Giveaways: from n/a through <= 2.48.1.
- risk 0.40cvss 6.1epss 0.03
The method and share GET parameters of the Giveaway pages were not sanitised, validated or escaped before being output back in the pages, thus leading to reflected XSS
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Igor Benic Simple Giveaways allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Giveaways: from n/a through 2.48.0.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple Giveaways giveasap allows Cross Site Request Forgery.This issue affects Simple Giveaways: from n/a through <= 2.49.0.