Lucene search
K

10 matches found

EUVD
EUVD
added 2 days ago6 views

EUVD-2026-40888

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blockid' and other shortcode attributes of the 'givewpcampaigncomments' shortcode in versions up to, and including, 4.16.0. This is due to insufficient input sanitizati...

6.4CVSS5.9AI score0.00241EPSS
Exploits0References12
Patchstack
Patchstack
added 3 days ago5 views

WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 4.15.3 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by javitoia in WordPress Plugin GiveWP versions = 4.15.3...

4.3CVSS5.8AI score0.00154EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2025-28780

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00227EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 5:28 a.m.3 views

CVE-2023-25450

Cross-Site Request Forgery CSRF vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform plugin = 2.25.1 versions...

8.8CVSS7AI score0.00264EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.3 views

WordPress plugin WP Fundraising Donation and Crowdfunding Platform 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

4.3CVSS6AI score0.0014EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/20 12:0 a.m.15 views

WP Fundraising Donation and Crowdfunding Platform < 1.7.0 - Missing Authorization

Description The WP Fundraising Donation and Crowdfunding Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions surrounding donation modification in versions up to, and including, 1.6.4. This makes it possible for...

5.3CVSS6.6AI score0.00401EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/02/10 9:15 a.m.2 views

CVE-2023-51415

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform allows Stored XSS.This issue affects GiveWP – Donation Plugin and Fundraising Platform: from n/a through 3.2.2...

5.4CVSS5.8AI score0.00332EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/05/31 12:0 a.m.7 views

WordPress Donation Platform for WooCommerce: Fundraising & Donation Management Plugin < 1.2.10 is vulnerable to Cross Site Request Forgery (CSRF)

Software Donation Platform for WooCommerce: Fundraising & Donation Management Type Plugin Vulnerable versions 1.2.10 Fixed in 1.2.10 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSI...

7AI score
Exploits0References2Affected Software1
OSV
OSV
added 2022/06/08 10:15 a.m.3 views

CVE-2022-0788

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users...

9.8CVSS5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2022/06/08 12:0 a.m.4 views

WordPress plugin WP Fundraising Donation and Crowdfunding Platform SQL注入漏洞

WordPress and others are products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. crow and others are open source products. crow is a C micro framework for running Web services. WordPress WP...

9.8CVSS6AI score0.07879EPSS
Exploits2References3
Rows per page
Query Builder