Lucene search
K

9 matches found

VulnCheck KEV
VulnCheck KEV
added 2025/03/19 12:0 a.m.5 views

VulnCheck KEV: CVE-2024-5932

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. This makes it possible for unauthenticated attackers to inject a...

10CVSS5.8AI score0.74283EPSS
Exploits11References1
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.728 views

WordPress GiveWP Donation / Fundraising Platform 3.14.1 Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GiveWP Unauthenticated Donation Process Exploit', 'Description' = %q The GiveWP Donation Plugin and Fundraising Platform plugin for WordPress in...

10CVSS7.1AI score0.74283EPSS
Exploits11
0day.today
0day.today
added 2024/08/29 12:0 a.m.366 views

WordPress GiveWP Donation / Fundraising Platform 3.14.1 Code Execution Exploit

The GiveWP Donation plugin and Fundraising Platform plugin for WordPress in all versions up to and including 3.14.1 is vulnerable to a PHP object injection POI flaw granting an unauthenticated attacker arbitrary code execution. This module requires Metasploit: https://metasploit.com/download...

10CVSS8.4AI score0.74283EPSS
Exploits11
GithubExploit
GithubExploit
added 2024/08/25 11:51 a.m.546 views

Exploit for Deserialization of Untrusted Data in Givewp

This post is a research article published by EQSTLabhttps://g...

10CVSS10AI score0.74283EPSS
Exploits11
GithubExploit
GithubExploit
added 2024/08/21 9:51 a.m.1012 views

Exploit for Deserialization of Untrusted Data in Givewp

Proof-Of-Concept Code for CVE-2024-8353 This repository conta...

10CVSS10AI score0.74283EPSS
Exploits11
The Hacker News
The Hacker News
added 2024/08/21 4:35 a.m.140 views

GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk

A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 CVSS score: 10.0, impacts all versions of the plugin prior to version 3.14.2,...

10CVSS8.6AI score0.74283EPSS
Exploits11
Circl
Circl
added 2024/08/20 4:34 a.m.95 views

CVE-2024-5932

creationtimestamp| type| source ---|---|--- 2024-08-20 04:34:57+00:00| seen| https://t.me/cvedetector/3590 2024-08-20 13:04:10+00:00| published-proof-of-concept| https://t.me/HackingInsights/10628 2024-08-20 18:01:05+00:00| seen| https://t.me/truesecator/6114 2024-08-21 07:42:25+00:00|...

10CVSS7.1AI score0.74283EPSS
Exploits11References46
OSV
OSV
added 2024/08/20 2:15 a.m.5 views

CVE-2024-5932

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. This makes it possible for unauthenticated attackers to inject a PHP...

9.8CVSS6.1AI score0.74283EPSS
Exploits11References8
Vulnrichment
Vulnrichment
added 2024/08/20 2:3 a.m.132 views

CVE-2024-5932 GiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. This makes it possible for unauthenticated attackers to inject a PHP...

10CVSS7.7AI score0.74283EPSS
Exploits11References8
Rows per page
Query Builder