2 matches found
CVE-2026-11981
creationtimestamp| type| source ---|---|--- 2026-07-01 12:41:11+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mplk2tcsb32l 2026-07-01 22:03:01+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmjhhnwhj2o...
CVE-2026-11981 GiveWP <= 4.15.3 - Cross-Site Request Forgery
The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.15.3 This is due to missing nonce validation on the givesetnotificationstatushandler function. This makes it possible for unauthenticated attackers to disable donation email notificatio...