CVE-2025-4521

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonatedonorprofile function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level...

WordPress IDonate plugin 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_profile Function vulnerability

WordPress IDonate plugin 2.1.5 - 2.1.9 - Missing Authorization to Authenticated Subscriber+ Account Takeover/Privilege Escalation via idonatedonorprofile Function vulnerability discovered by kr0d in WordPress Plugin IDonate versions 2.1.5-2.1.9...

CVE-2025-4521

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonatedonorprofile function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2025-4521

The IDonate WordPress plugin (versions 2.1.5–2.1.9) is affected by a Privilege Escalation due to a missing capability check in idonate_donor_profile(). An attacker with Subscriber-level access or higher can hijack any account by reassigning its email via the donor_id and triggering a password res...

CVE-2025-4521 IDonate 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_profile Function

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonatedonorprofile function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level...

PT-2026-20624

Name of the Vulnerable Software and Affected Versions IDonate – Blood Donation, Request And Donor Management System plugin for WordPress versions 2.1.5 through 2.1.9 Description The IDonate plugin for WordPress has a flaw that allows unauthorized privilege escalation. Attackers with...

WordPress plugin IDonate 授权问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress IDonate plugin 2.0.0 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Disclosure via admin_donor_profile_view Function vulnerability

WordPress IDonate plugin 2.0.0 - 2.1.9 - Missing Authorization to Authenticated Subscriber+ Sensitive Information Disclosure via admindonorprofileview Function vulnerability discovered by kr0d in WordPress Plugin IDonate versions 2.0.0-2.1.9...

WordPress IDonate - Blood Donation, Request And Donor Management System plugin <= 2.1.15 - Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability

WordPress IDonate - Blood Donation, Request And Donor Management System plugin = 2.1.15 - Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability discovered by Varakorn Chanthasri iCreaM in WordPress Plugin IDonate versions = 2.1.14...

CVE-2025-60045 WordPress IDonatePro plugin <= 2.1.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeAtelier IDonatePro idonate-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects IDonatePro: from n/a through = 2.1.11...

CVE-2025-67583

Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

EUVD-2025-202070

Missing Authorization vulnerability in ThemeAtelier IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

CVE-2025-67583

Missing Authorization vulnerability in ThemeAtelier IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

CVE-2025-67583

Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

CVE-2025-67583 WordPress IDonate plugin <= 2.1.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

CVE-2025-67583

CVE-2025-67583 concerns the WordPress IDonate plugin (ThemeAtelier IDonate) with a broken access control issue up to version 2.1.15. The vulnerability is described as a Missing Authorization vulnerability arising from incorrectly configured access control security levels in IDonate. Affected soft...

CVE-2025-67583 WordPress IDonate plugin <= 2.1.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

WordPress plugin IDonate 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-49957

Name of the Vulnerable Software and Affected Versions IDonate versions through 2.1.15 Description A missing authorization issue exists in ThemeAtelier IDonate, allowing exploitation of incorrectly configured access control security levels. Recommendations Update IDonate to a version greater than...

WordPress IDonate plugin <= 2.1.15 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Tarcísio LuchesiPoystick in WordPress Plugin IDonate versions = 2.1.15...