Lucene search
K

7 matches found

Nuclei
Nuclei
added 15 hours ago28 views

GiveWP Donation Plugin <= 3.16.1 - Unauthenticated PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1. This is due to insufficient input validation on user-supplied data. An unauthenticated attacker can inject a serialized PHP object, which...

10CVSS7.5AI score0.28931EPSS
Exploits3References4
RedhatCVE
RedhatCVE
added 2025/02/04 10:43 p.m.14 views

CVE-2024-8353

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input via several parameters like 'givetitle' and 'cardaddress'. This makes it possible for unauthenticate...

10CVSS7.8AI score0.74283EPSS
Exploits11References1
OpenVAS
OpenVAS
added 2024/10/16 12:0 a.m.20 views

WordPress GiveWP Plugin < 3.16.2 Multiple vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:givewp:givewp"; ifdescription...

10CVSS6.9AI score0.28931EPSS
Exploits3References2
GithubExploit
GithubExploit
added 2024/09/30 5:33 p.m.906 views

Exploit for Deserialization of Untrusted Data in Givewp

This post is a research article published by EQSTLabhttps://g...

10CVSS10AI score0.74283EPSS
Exploits11
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.20 views

WordPress GiveWP Plugin <= 3.16.2 is vulnerable to PHP Object Injection

Software GiveWP Type Plugin Vulnerable versions = 3.16.2 Fixed in 3.16.3 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-8353 Patch priority High CVSS severity High 10 Developer Liquid Web / StellarWP PSID ab27727ec281 Credits cuokon Required privilege Unauthenticated...

10CVSS9.5AI score0.28931EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2024/09/28 2:4 a.m.61 views

CVE-2024-8353 GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Unauthenticated PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input via several parameters like 'givetitle' and 'cardaddress'. This makes it possible for unauthenticate...

9.8CVSS0.28931EPSS
Exploits3References6
Circl
Circl
added 2024/08/28 8:39 p.m.20 views

CVE-2024-8353

creationtimestamp| type| source ---|---|--- 2024-08-28 20:39:04+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wpgivewprce.rb 2024-09-28 05:17:09+00:00| seen| https://t.me/cvedetector/6592 2024-09-30 08:27:47+00:00| published-proof-of-concept|...

10CVSS7.5AI score0.28931EPSS
Exploits3References23
Rows per page
Query Builder