Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
givewp givewp vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-23668
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in GiveWP plugin <= 2.25.1 versions.
Givewp Givewp
5.4
CVSSv3
CVE-2022-4448
The GiveWP WordPress plugin prior to 2.24.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting at...
Givewp Givewp
6.1
CVSSv3
CVE-2022-0252
The GiveWP WordPress plugin prior to 2.17.3 does not escape the json parameter before outputting it back in an attribute in the Import admin dashboard, leading to a Reflected Cross-Site Scripting
Givewp Givewp
5.3
CVSSv3
CVE-2020-20627
The includes/gateways/stripe/includes/admin/admin-actions.php in GiveWP plugin up to and including 2.5.9 for WordPress allows unauthenticated settings change.
Givewp Givewp
6.5
CVSSv3
CVE-2022-40312
Server-Side Request Forgery (SSRF) vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform.This issue affects GiveWP – Donation Plugin and Fundraising Platform: from n/a up to and including 2.25.1.
Givewp Givewp
9.8
CVSSv3
CVE-2023-32513
Deserialization of Untrusted Data vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform.This issue affects GiveWP – Donation Plugin and Fundraising Platform: from n/a up to and including 2.25.3.
Givewp Givewp
8.8
CVSSv3
CVE-2023-25450
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform plugin <= 2.25.1 versions.
Givewp Givewp
NA
CVE-2023-41665
Improper Privilege Management vulnerability in GiveWP allows Privilege Escalation.This issue affects GiveWP: from n/a up to and including 2.33.0.
NA
CVE-2022-40211
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GiveWP allows Stored XSS.This issue affects GiveWP: from n/a up to and including 2.25.1.
NA
CVE-2024-35679
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GiveWP allows Reflected XSS.This issue affects GiveWP: from n/a up to and including 3.12.0.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »