CVE-2026-2022

The Smart Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'rednaosmartformsgetcampaigns' AJAX action in all versions up to, and including, 2.6.99. This makes it possible for authenticated attackers, with Subscriber-level access and...

WordPress plugin Smart Forms 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

EUVD-2025-32424

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.10.0 via the 'registerGetForm', 'registerGetForms', 'registerGetCampaign' and 'registerGetCampaigns' functions due to a missing capability check...

CVE-2025-2331

CVE-2025-2331 affects the WordPress GiveWP – Donation Plugin and Fundraising Platform up to version 3.22.1. Root cause: misconfigured permissionsCheck enables authenticated attackers with Subscriber-level access and above to read sensitive data, including donor reports and donation amounts. Explo...

CVE-2018-21011

The charitable plugin before 1.5.14 for WordPress has unauthorized access to user and donation details...