4 matches found
CVE-2024-5940
creationtimestamp| type| source ---|---|--- 2024-08-20 04:35:01+00:00| seen| https://t.me/cvedetector/3591...
CVE-2024-5940 GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Unauthenticated Event Settings Update
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handlerequest' function in all versions up to, and including, 3.13.0. This makes it possible for unauthenticated attackers to edi...
CVE-2024-5940 GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Unauthenticated Event Settings Update
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handlerequest' function in all versions up to, and including, 3.13.0. This makes it possible for unauthenticated attackers to edi...
WordPress GiveWP Plugin <= 3.13.0 is vulnerable to Broken Access Control
Software GiveWP Type Plugin Vulnerable versions = 3.13.0 Fixed in 3.14.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5940 Patch priority Medium CVSS severity Medium 6.5 Developer Liquid Web / StellarWP PSID c733c510d1d3 Credits villu164 Required...