9 matches found
VulnCheck KEV: CVE-2024-5932
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. This makes it possible for unauthenticated attackers to inject a...
WordPress GiveWP Donation / Fundraising Platform 3.14.1 Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GiveWP Unauthenticated Donation Process Exploit', 'Description' = %q The GiveWP Donation Plugin and Fundraising Platform plugin for WordPress in...
WordPress GiveWP Donation / Fundraising Platform 3.14.1 Code Execution Exploit
The GiveWP Donation plugin and Fundraising Platform plugin for WordPress in all versions up to and including 3.14.1 is vulnerable to a PHP object injection POI flaw granting an unauthenticated attacker arbitrary code execution. This module requires Metasploit: https://metasploit.com/download...
Exploit for Deserialization of Untrusted Data in Givewp
This post is a research article published by EQSTLabhttps://g...
Exploit for Deserialization of Untrusted Data in Givewp
Proof-Of-Concept Code for CVE-2024-8353 This repository conta...
GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk
A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 CVSS score: 10.0, impacts all versions of the plugin prior to version 3.14.2,...
CVE-2024-5932
creationtimestamp| type| source ---|---|--- 2024-08-20 04:34:57+00:00| seen| https://t.me/cvedetector/3590 2024-08-20 13:04:10+00:00| published-proof-of-concept| https://t.me/HackingInsights/10628 2024-08-20 18:01:05+00:00| seen| https://t.me/truesecator/6114 2024-08-21 07:42:25+00:00|...
CVE-2024-5932
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. This makes it possible for unauthenticated attackers to inject a PHP...
CVE-2024-5932 GiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. This makes it possible for unauthenticated attackers to inject a PHP...