CVE-2025-4521

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonatedonorprofile function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level...

WordPress IDonate plugin 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_profile Function vulnerability

WordPress IDonate plugin 2.1.5 - 2.1.9 - Missing Authorization to Authenticated Subscriber+ Account Takeover/Privilege Escalation via idonatedonorprofile Function vulnerability discovered by kr0d in WordPress Plugin IDonate versions 2.1.5-2.1.9...

CVE-2025-4521

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonatedonorprofile function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2025-4521 IDonate 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_profile Function

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonatedonorprofile function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2025-4521

The IDonate WordPress plugin (versions 2.1.5–2.1.9) is affected by a Privilege Escalation due to a missing capability check in idonate_donor_profile(). An attacker with Subscriber-level access or higher can hijack any account by reassigning its email via the donor_id and triggering a password res...

WordPress plugin IDonate 授权问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-20624

Name of the Vulnerable Software and Affected Versions IDonate – Blood Donation, Request And Donor Management System plugin for WordPress versions 2.1.5 through 2.1.9 Description The IDonate plugin for WordPress has a flaw that allows unauthorized privilege escalation. Attackers with...

WordPress IDonate plugin 2.0.0 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Disclosure via admin_donor_profile_view Function vulnerability

WordPress IDonate plugin 2.0.0 - 2.1.9 - Missing Authorization to Authenticated Subscriber+ Sensitive Information Disclosure via admindonorprofileview Function vulnerability discovered by kr0d in WordPress Plugin IDonate versions 2.0.0-2.1.9...

WordPress IDonate - Blood Donation, Request And Donor Management System plugin <= 2.1.15 - Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability

WordPress IDonate - Blood Donation, Request And Donor Management System plugin = 2.1.15 - Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability discovered by Varakorn Chanthasri iCreaM in WordPress Plugin IDonate versions = 2.1.14...

CVE-2025-60045 WordPress IDonatePro plugin <= 2.1.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeAtelier IDonatePro idonate-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects IDonatePro: from n/a through = 2.1.11...

CVE-2025-67583

Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

EUVD-2025-202070

Missing Authorization vulnerability in ThemeAtelier IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

CVE-2025-67583

Missing Authorization vulnerability in ThemeAtelier IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

CVE-2025-67583

Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

CVE-2025-67583 WordPress IDonate plugin <= 2.1.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

CVE-2025-67583 WordPress IDonate plugin <= 2.1.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through = 2.1.15...

CVE-2025-67583

CVE-2025-67583 concerns the WordPress IDonate plugin (ThemeAtelier IDonate) with a broken access control issue up to version 2.1.15. The vulnerability is described as a Missing Authorization vulnerability arising from incorrectly configured access control security levels in IDonate. Affected soft...

WordPress plugin IDonate 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-49957

Name of the Vulnerable Software and Affected Versions IDonate versions through 2.1.15 Description A missing authorization issue exists in ThemeAtelier IDonate, allowing exploitation of incorrectly configured access control security levels. Recommendations Update IDonate to a version greater than...

WordPress IDonate plugin <= 2.1.15 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Tarcísio LuchesiPoystick in WordPress Plugin IDonate versions = 2.1.15...