A SQL injection vulnerability exists in the Impress GiveWP Give plugin up to and including 2.5.0 for WordPress. Successful exploitation of this vulnerability would allow a remote malicious user to execute arbitrary SQL commands on the affected system via includes/payments/class-payments-query.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
givewp givewp |