16 matches found
CVE-2026-1573
The OMIGO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's omigodonatebutton shortcode in all versions up to, and including, 3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2026-1573 OMIGO <= 3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The OMIGO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's omigodonatebutton shortcode in all versions up to, and including, 3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2026-1573
Summary: CVE-2026-1573 affects the WordPress OMIGO plugin (versions up to and including 3.3). Vulnerability: Stored Cross-Site Scripting via the plugin’s omigo_donate_button shortcode. Insufficient input sanitization and output escaping on user-supplied attributes. Impact: Authenticated attackers...
CVE-2026-1573
The OMIGO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's omigodonatebutton shortcode in all versions up to, and including, 3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
PT-2026-6890
Name of the Vulnerable Software and Affected Versions OMIGO plugin for WordPress versions up to and including 3.3 Description The OMIGO plugin for WordPress is susceptible to Stored Cross-Site Scripting through the omigo donate button shortcode. Insufficient input sanitization and output escaping...
WordPress plugin OMIGO 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2026-1380
The Bitcoin Donate Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the settings page. This makes it possible for unauthenticated attackers to modify the plugin's settings,...
CVE-2026-1380
The Bitcoin Donate Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the settings page. This makes it possible for unauthenticated attackers to modify the plugin's settings,...
CVE-2026-1380 Bitcoin Donate Button <= 1.0 - Cross-Site Request Forgery to Settings Update
The Bitcoin Donate Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the settings page. This makes it possible for unauthenticated attackers to modify the plugin's settings,...
CVE-2026-1380
CVE-2026-1380 affects the Bitcoin Donate Button WordPress plugin (
EUVD-2026-4924
The Bitcoin Donate Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the settings page. This makes it possible for unauthenticated attackers to modify the plugin's settings,...
WordPress Bitcoin Donate Button plugin <= 1.0 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Bitcoin Donate Button versions = 1.0...
WordPress Plugin: Bitcoin Donation Button – Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-5095
The Bitcoin Donate Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the settings page. This makes it possible for unauthenticated attackers to modify the plugin's settings,...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Whydonate Whydonate – FREE Donate button – Crowdfunding – Fundraising plugin = 3.12.15 versions...
CVE-2023-29238
CVE-2023-29238 is a CSRF vulnerability in the WordPress plugin Whydonate – FREE Donate button (wp-whydonate) affecting versions