4 matches found
CVE-2024-8791
The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. This is due to the plugin not properly verifying a user's identity when the ID parameter is supplied...
CVE-2024-8791
creationtimestamp| type| source ---|---|--- 2024-09-24 05:42:08+00:00| seen| https://t.me/cvedetector/6238...
CVE-2024-8791 Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress <= 1.8.1.14 - Insecure Direct Object Reference to Account Takeover and Privilege Escalation
The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. This is due to the plugin not properly verifying a user's identity when the ID parameter is supplied...
WordPress Charitable Plugin <= 1.8.1.14 is vulnerable to Privilege Escalation
Software Charitable Type Plugin Vulnerable versions = 1.8.1.14 Fixed in 1.8.1.15 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-8791 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 04c66e8c147c Credits wesley...