3 matches found
Exploit for Missing Authorization in Givewp
CVE-2025-2025-52691-SmarterMail-Exp Environment Setup S...
CVE-2025-2025
creationtimestamp| type| source ---|---|--- 2025-03-15 11:44:19+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7680 2025-03-15 15:06:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkgfmsu3dh2s 2025-03-15 15:17:11+00:00| seen|...
CVE-2025-2025 Give <= 3.22.0 - Missing Authorization to Unauthenticated Arbitrary Earning Reports Disclosure via give_reports_earnings Function
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the givereportsearnings function in all versions up to, and including, 3.22.0. This makes it possible for unauthenticated attackers to...