Lucene search
K

3 matches found

EUVD
EUVD
added 2026/06/06 12:31 a.m.9 views

EUVD-2026-34927

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Insecure Direct Object Reference / Authorization Bypass leading to Arbitrary Attachment Deletion in versions up to, and including, 1.8.11.1 via the profile avatar...

4.3CVSS5.6AI score0.00285EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/06/05 11:28 p.m.35 views

CVE-2026-10038 Charitable <= 1.8.11.1 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Attachment Deletion via 'avatar' Parameter

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Insecure Direct Object Reference / Authorization Bypass leading to Arbitrary Attachment Deletion in versions up to, and including, 1.8.11.1 via the profile avatar...

4.3CVSS0.00285EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2026/06/05 11:28 p.m.7 views

CVE-2026-10038 Charitable <= 1.8.11.1 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Attachment Deletion via 'avatar' Parameter

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Insecure Direct Object Reference / Authorization Bypass leading to Arbitrary Attachment Deletion in versions up to, and including, 1.8.11.1 via the profile avatar...

4.3CVSS5.6AI score0.00285EPSS
Exploits0References12
Rows per page
Query Builder