Authenticated Arbitrary File Creation via Export function vulnerability discovered by Rafie Muhammad aka Yeraisci (Patchstack Alliance) in WordPress GiveWP plugin (versions <= 2.20.2).
Update the WordPress GiveWP plugin to the latest available version (at least 2.21.0).