3 matches found
CVE-2024-5939 GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Limited Information Exposure
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 3.13.0. This makes it possible for unauthenticated attackers to read the...
CVE-2024-5939 GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Limited Information Exposure
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 3.13.0. This makes it possible for unauthenticated attackers to read the...
WordPress GiveWP Plugin <= 3.13.0 is vulnerable to Broken Access Control
Software GiveWP Type Plugin Vulnerable versions = 3.13.0 Fixed in 3.14.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5939 Patch priority Low CVSS severity Low 5.3 Developer Liquid Web / StellarWP PSID 8ee538f964d1 Credits villu164 Required privilege...