17 matches found

RedhatCVE
added 2026/05/04 8:21 p.m., 8 views

CVE-2026-4650

The FundPress – WordPress Donation Plugin for WordPress is vulnerable to authorization bypass in versions up to and including 2.0.8. This is due to missing authorization and nonce verification in the donate_action_status AJAX handler, which is registered to be accessible to unauthenticated users vi...

5.3 CVSS, 5.9 AI score, 0.00402 EPSS
Exploits: 0, References: 1
NVD
added 2026/05/02 8:16 a.m., 4 views

CVE-2026-4650

The FundPress – WordPress Donation Plugin for WordPress is vulnerable to authorization bypass in versions up to and including 2.0.8. This is due to missing authorization and nonce verification in the donate_action_status AJAX handler, which is registered to be accessible to unauthenticated users vi...

5.3 CVSS, 0.00402 EPSS
Exploits: 0, References: 9
ATTACKERKB
added 2026/05/02 7:46 a.m., 3 views

CVE-2026-4650

The FundPress – WordPress Donation Plugin for WordPress is vulnerable to authorization bypass in versions up to and including 2.0.8. This is due to missing authorization and nonce verification in the donate_action_status AJAX handler, which is registered to be accessible to unauthenticated users vi...

5.3 CVSS, 5.9 AI score, 0.00402 EPSS
Exploits: 0, References: 10
Vulnrichment
added 2026/05/02 7:46 a.m., 4 views

CVE-2026-4650 FundPress <= 2.0.8 - Missing Authorization to Unauthenticated Arbitrary Donation Status Modification via donate_action_status AJAX Handler

The FundPress – WordPress Donation Plugin for WordPress is vulnerable to authorization bypass in versions up to and including 2.0.8. This is due to missing authorization and nonce verification in the donate_action_status AJAX handler, which is registered to be accessible to unauthenticated users vi...

5.3 CVSS, 5.9 AI score, 0.00402 EPSS
Exploits: 0, References: 9
CVE
added 2026/05/02 7:46 a.m., 8 views

CVE-2026-4650

The FundPress WordPress Donation Plugin (

5.3 CVSS, 5.9 AI score, 0.00402 EPSS
Exploits: 0, References: 9
Cvelist
added 2026/05/02 7:46 a.m., 25 views

CVE-2026-4650 FundPress <= 2.0.8 - Missing Authorization to Unauthenticated Arbitrary Donation Status Modification via donate_action_status AJAX Handler

The FundPress – WordPress Donation Plugin for WordPress is vulnerable to authorization bypass in versions up to and including 2.0.8. This is due to missing authorization and nonce verification in the donate_action_status AJAX handler, which is registered to be accessible to unauthenticated users vi...

5.3 CVSS, 0.00402 EPSS
Exploits: 0, References: 9
CNNVD
added 2026/05/02 12:0 a.m., 8 views

WordPress plugin FundPress security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3 CVSS, 5.8 AI score, 0.00402 EPSS
Exploits: 0, References: 1
Patchstack
added 2026/05/01 7:18 p.m., 8 views

WordPress FundPress – WordPress Donation Plugin plugin <= 2.0.8 - Missing Authorization to Unauthenticated Arbitrary Donation Status Modification vulnerability

Missing Authorization to Unauthenticated Arbitrary Donation Status Modification vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin FundPress versions <= 2.0.8...

5.3 CVSS, 5.8 AI score, 0.00402 EPSS
Exploits: 0, References: 1, Affected Software: 1
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-3805

Malicious code in bioql PyPI...

9.8 CVSS, 8.9 AI score, 0.00452 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/02/06 2:32 a.m., 5 views

CVE-2025-24601

Deserialization of Untrusted Data vulnerability in ThimPress FundPress fundpress allows Object Injection. This issue affects FundPress: from n/a through <= 2.0.6...

9.8 CVSS, 7.2 AI score, 0.00452 EPSS
Exploits: 0, References: 1
NVD
added 2025/01/27 2:15 p.m., 16 views

CVE-2025-24601

Deserialization of Untrusted Data vulnerability in ThimPress FundPress fundpress allows Object Injection. This issue affects FundPress: from n/a through <= 2.0.6...

9.8 CVSS, 0.00452 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2025/01/27 1:59 p.m., 3 views

CVE-2025-24601 WordPress FundPress plugin <= 2.0.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThimPress FundPress fundpress allows Object Injection. This issue affects FundPress: from n/a through <= 2.0.6...

9.8 CVSS, 7.2 AI score, 0.00452 EPSS
Exploits: 0, References: 1
Cvelist
added 2025/01/27 1:59 p.m., 15 views

CVE-2025-24601 WordPress FundPress plugin <= 2.0.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThimPress FundPress fundpress allows Object Injection. This issue affects FundPress: from n/a through <= 2.0.6...

9.8 CVSS, 0.00452 EPSS
Exploits: 0, References: 1
CVE
added 2025/01/27 1:59 p.m., 51 views

CVE-2025-24601

CVE-2025-24601 describes a deserialization of untrusted data vulnerability in the WordPress plugin FundPress (affected: versions up to and including 2.0.6). The underlying issue enables PHP object injection via deserialization, with a CVSSv3.1 base score of 9.8 (critical) and network attack vecto...

9.8 CVSS, 7.2 AI score, 0.00452 EPSS
Exploits: 0, References: 1
CNNVD
added 2025/01/27 12:0 a.m., 0 views

WordPress plugin FundPress code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin...

9.8 CVSS, 8.6 AI score, 0.00452 EPSS
Exploits: 0, References: 1
Positive Technologies
added 2025/01/27 12:0 a.m., 1 views

PT-2025-5437

Name of the Vulnerable Software and Affected Versions: ThimPress FundPress versions n/a through 2.0.6. Description: The issue is related to the deserialization of untrusted data, allowing object injection. This problem affects ThimPress FundPress, enabling potential attacks. Recommendations: For...

9.8 CVSS, 7.3 AI score, 0.00452 EPSS
Exploits: 0, References: 9
Patchstack
added 2025/01/20 12:0 a.m., 2 views

WordPress FundPress plugin <= 2.0.6 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Le Ngoc Anh in WordPress Plugin FundPress versions <= 2.0.6...

9.8 CVSS, 7.3 AI score, 0.00452 EPSS
Exploits: 0, Affected Software: 1