CVE-2024-3714

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'giveform' shortcode when used with a legacy form in all versions up to, and including, 3.10.0 due to insufficient input sanitization and output escaping on use...

PT-2024-27329 · WordPress · Givewp

Name of the Vulnerable Software and Affected Versions: GiveWP – Donation Plugin and Fundraising Platform versions up to, and including, 3.10.0 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'give form' shortcode when used with a legacy form. This is due to...