3 matches found
CVE-2024-12877
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.2 via deserialization of untrusted input from the donation form like 'firstName'. This makes it possible for unauthenticated attackers to...
CVE-2024-12877
creationtimestamp| type| source ---|---|--- 2025-01-11 07:57:54+00:00| seen| https://infosec.exchange/users/cve/statuses/113808655813154438 2025-01-11 08:04:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1282 2025-01-11 08:16:13+00:00| seen|...
CVE-2024-12877 GiveWP – Donation Plugin and Fundraising Platform <= 3.19.2 - Unauthenticated PHP Object Injection
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.2 via deserialization of untrusted input from the donation form like 'firstName'. This makes it possible for unauthenticated attackers to...