Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
givewp givewp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-31475
Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress.
Givewp Givewp
NA
CVE-2023-4247
The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.33.3. This is due to missing or incorrect nonce validation on the give_sendwp_disconnect function. This makes it possible for unauthenticated malicious users to deactiv...
Givewp Givewp
NA
CVE-2023-4248
The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.33.3. This is due to missing or incorrect nonce validation on the give_stripe_disconnect_connect_stripe_account function. This makes it possible for unauthenticated mal...
Givewp Givewp
NA
CVE-2023-0224
The GiveWP WordPress plugin prior to 2.24.1 does not properly escape user input before it reaches SQL queries, which could let unauthenticated attackers perform SQL Injection attacks
Givewp Givewp
4.3
CVSSv2
CVE-2021-24213
The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin prior to 2.10.0 was affected by a reflected Cross-Site Scripting vulnerability inside of the administration panel, via the 's' GET parameter on the Donors page.
Givewp Givewp
NA
CVE-2023-22719
Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP.This issue affects GiveWP: from n/a up to and including 2.25.1.
Givewp Givewp
3.5
CVSSv2
CVE-2021-24524
The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin prior to 2.12.0 did not escape the Donation Level setting of its Donation Forms, allowing high privilege users to use Cross-Site Scripting payloads in them.
Givewp Givewp
NA
CVE-2023-25450
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform plugin <= 2.25.1 versions.
Givewp Givewp
3.5
CVSSv2
CVE-2019-15317
The give plugin prior to 2.4.7 for WordPress has XSS via a donor name.
Givewp Givewp
4.3
CVSSv2
CVE-2019-9909
The "Donation Plugin and Fundraising Platform" plugin prior to 2.3.1 for WordPress has wp-admin/edit.php csv XSS.
Givewp Givewp
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »