
265 matches found

CVE
added 2024/11/09 6:41 a.m. · 48 views

CVE-2024-10876

The CVE-2024-10876 entry concerns the Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More. It documents a Reflected Cross-Site Scripting vulnerability caused by improper escaping in add_query_arg/remove_query_arg, affecting all versions up to 1.8.3. Exploitati...

CVSS 6.1 · AI score 6 · EPSS 0.0036
Exploits: 0 · References: 3

Patchstack
added 2024/11/09 2:57 a.m. · 5 views

WordPress Charitable plugin <= 1.8.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Charitable versions <= 1.8.3...

CVSS 6.1 · AI score 6.3 · EPSS 0.0036
Exploits: 0 · References: 1 · Affected Software: 1

Patchstack
added 2024/11/09 12:0 a.m. · 23 views

WordPress Charitable Plugin <= 1.8.3 is vulnerable to Cross Site Scripting (XSS)

Software: Charitable
Type: Plugin
Vulnerable versions: <= 1.8.3
Fixed in: 1.8.3.1
OWASP Top 10: A7: Cross-Site Scripting (XSS)
Classification: Cross Site Scripting (XSS)
CVE: CVE-2024-10876
Patch priority: Medium
CVSS severity: Medium (7.1)
Developer: Claim ownership
PSID: 2a28f1e125bc
Credits: Peter Thaleikis...

CVSS 6.1 · AI score 5.6 · EPSS 0.0036
Exploits: 0 · References: 3 · Affected Software: 1

CNNVD
added 2024/11/09 12:0 a.m. · 2 views

WordPress plugin Charitable cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVSS 6.1 · AI score 7.5 · EPSS 0.0036
Exploits: 0 · References: 3

NVD
added 2024/11/01 3:15 p.m. · 8 views

CVE-2024-37510

Missing Authorization vulnerability in Charitable Donations & Fundraising Team Charitable allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Charitable: from n/a through 1.8.1.7...

CVSS 6.5 · EPSS 0.00443
Exploits: 0 · References: 1

NVD
added 2024/11/01 3:15 p.m. · 9 views

CVE-2024-37506

Missing Authorization vulnerability in Charitable Donations & Fundraising Team Charitable allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Charitable: from n/a through 1.8.1.7...

CVSS 5.3 · EPSS 0.00371
Exploits: 0 · References: 1

Cvelist
added 2024/11/01 2:18 p.m. · 11 views

CVE-2024-37510 WordPress Donation Forms by Charitable plugin <= 1.8.1.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Charitable Donations & Fundraising Team Charitable allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Charitable: from n/a through 1.8.1.7...

CVSS 6.5 · EPSS 0.00443
Exploits: 0 · References: 1

Cvelist
added 2024/11/01 2:18 p.m. · 18 views

CVE-2024-37506 WordPress Donation Forms by Charitable plugin <= 1.8.1.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Charitable Donations & Fundraising Team Charitable allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Charitable: from n/a through 1.8.1.7...

CVSS 5.3 · EPSS 0.00371
Exploits: 0 · References: 1

Vulnrichment
added 2024/11/01 2:18 p.m. · 12 views

CVE-2024-37510 WordPress Donation Forms by Charitable plugin <= 1.8.1.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Charitable Donations & Fundraising Team Charitable allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Charitable: from n/a through 1.8.1.7...

CVSS 6.5 · AI score 6.9 · EPSS 0.00443
Exploits: 0 · References: 1

CVE
added 2024/11/01 2:18 p.m. · 42 views

CVE-2024-37510

CVE-2024-37510 concerns WordPress plugin Charitable (Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress) with versions up to 1.8.1.7. The root cause is a missing authorization check that allows users to access functionality not constrained by ACLs. The vulnerabil...

CVSS 6.5 · AI score 6.5 · EPSS 0.00443
Exploits: 0 · References: 1

Vulnrichment
added 2024/11/01 2:18 p.m. · 14 views

CVE-2024-37506 WordPress Donation Forms by Charitable plugin <= 1.8.1.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Charitable Donations & Fundraising Team Charitable allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Charitable: from n/a through 1.8.1.7...

CVSS 5.3 · AI score 6.9 · EPSS 0.00371
Exploits: 0 · References: 1

CVE
added 2024/11/01 2:18 p.m. · 42 views

CVE-2024-37506

CVE-2024-37506 is a Missing Authorization vulnerability affecting WordPress plugin Charitable (Donation Forms by Charitable) up to version 1.8.1.7. The issue arises from access control that does not properly constrain certain functionality, enabling access to features not protected by ACLs. Publi...

CVSS 5.3 · AI score 5.3 · EPSS 0.00371
Exploits: 0 · References: 1

CNNVD
added 2024/11/01 12:0 a.m. · 2 views

WordPress plugin Charitable security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 6.5 · AI score 6.5 · EPSS 0.00443
Exploits: 0 · References: 1

Positive Technologies
added 2024/11/01 12:0 a.m. · 4 views

PT-2024-27612 · Unknown · Charitable

Name of the Vulnerable Software and Affected Versions: Charitable versions 1.8.1.7 and earlier
Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs.
Recommendations: For Charitable versions 1.8.1.7 and...

CVSS 5.3 · AI score 7.1 · EPSS 0.00371
Exploits: 0 · References: 3

CNNVD
added 2024/11/01 12:0 a.m. · 2 views

WordPress plugin Charitable security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 5.3 · AI score 6.5 · EPSS 0.00371
Exploits: 0 · References: 1

Positive Technologies
added 2024/11/01 12:0 a.m. · 4 views

PT-2024-27616 · Unknown · Charitable

Name of the Vulnerable Software and Affected Versions: Charitable versions 1.8.1.7 and earlier
Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs.
Recommendations: For Charitable versions 1.8.1.7 and...

CVSS 6.5 · AI score 7.1 · EPSS 0.00443
Exploits: 0 · References: 3

NVD
added 2024/09/24 3:15 a.m. · 13 views

CVE-2024-8791

The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. This is due to the plugin not properly verifying a user's identity when the ID parameter is supplied...

CVSS 9.8 · EPSS 0.00712
Exploits: 0 · References: 3

OSV
added 2024/09/24 3:15 a.m. · 4 views

CVE-2024-8791

The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. This is due to the plugin not properly verifying a user's identity when the ID parameter is supplied...

CVSS 9.8 · AI score 5.8
Exploits: 0 · References: 3

Cvelist
added 2024/09/24 2:31 a.m. · 26 views

CVE-2024-8791 Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress <= 1.8.1.14 - Insecure Direct Object Reference to Account Takeover and Privilege Escalation

The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. This is due to the plugin not properly verifying a user's identity when the ID parameter is supplied...

CVSS 9.8 · EPSS 0.00712
Exploits: 0 · References: 3

CVE
added 2024/09/24 2:31 a.m. · 58 views

CVE-2024-8791

CVE-2024-8791 affects Charitable – Donation Plugin for WordPress (versions

CVSS 9.8 · AI score 9.7 · EPSS 0.00712
Exploits: 0 · References: 3 · Affected Software: 1