FundEngine

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-48302	Roxnor FundEngine	Hig	0.49	7.5	0.00		Aug 20, 2025	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Roxnor FundEngine wp-fundraising-donation allows PHP Local File Inclusion.This issue affects FundEngine: from n/a through <= 1.7.4.
CVE-2025-47459	Roxnor FundEngine	Med	0.28	4.3	0.00		May 7, 2025	Cross-Site Request Forgery (CSRF) vulnerability in Roxnor FundEngine wp-fundraising-donation allows Cross Site Request Forgery.This issue affects FundEngine: from n/a through <= 1.7.3.

CVE-2025-48302HigAug 20, 2025
Roxnor
FundEngine
risk 0.49cvss 7.5epss 0.00
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Roxnor FundEngine wp-fundraising-donation allows PHP Local File Inclusion.This issue affects FundEngine: from n/a through <= 1.7.4.
CVE-2025-47459MedMay 7, 2025
Roxnor
FundEngine
risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Roxnor FundEngine wp-fundraising-donation allows Cross Site Request Forgery.This issue affects FundEngine: from n/a through <= 1.7.3.