Lucene search
+L

176 matches found

Cvelist
Cvelist
added 2025/01/24 10:52 a.m.20 views

CVE-2025-23621 WordPress Causes – Donation plugin <= 1.0.01 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in algothemes Causes – Donation Plugin causes allows Reflected XSS.This issue affects Causes – Donation Plugin: from n/a through = 1.0.01...

7.1CVSS0.0022EPSS
Exploits0References1
CVE
CVE
added 2025/01/24 10:52 a.m.59 views

CVE-2025-23621

CVE-2025-23621 is a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Causes – Donation Plugin (Causes) limited to versions 1.0.01 and earlier. The issue stems from improper input neutralization during web page generation, enabling attacker-supplied input to be reflected ...

7.1CVSS7.2AI score0.0022EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.4 views

PT-2025-4979 · Unknown · Causes – Donation Plugin

Name of the Vulnerable Software and Affected Versions: Causes – Donation Plugin versions 1.0.01 and below Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables attackers to inject...

7.1CVSS9.3AI score0.0022EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/01/24 12:0 a.m.6 views

WordPress plugin Causes – Donation Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin Causes - A...

7.1CVSS7.4AI score0.0022EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/16 6:41 p.m.5 views

WordPress Causes – Donation plugin <= 1.0.01 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin Causes – Donation Plugin versions = 1.0.01...

7.1CVSS6.1AI score0.0022EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/11 12:0 a.m.10 views

PT-2025-1974 · Givewp · Givewp

Name of the Vulnerable Software and Affected Versions: GiveWP – Donation Plugin and Fundraising Platform versions up to 3.19.2 Description: The issue allows unauthenticated attackers to inject a PHP Object via deserialization of untrusted input from the donation form, such as the firstName field...

9.8CVSS9.9AI score0.01268EPSS
Exploits1References10
Patchstack
Patchstack
added 2025/01/05 6:27 p.m.4 views

WordPress Paytm – Donation Plugin plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Paytm Payment Donation versions = 2.3.1...

7.1CVSS6.1AI score0.00246EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/12/14 5:15 a.m.13 views

CVE-2024-11879

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-53752. Reason: This candidate is a reservation duplicate of CVE-2024-53752. Notes: All CVE users should reference CVE-2024-53752 instead of this candidate. All references and descriptions in this candidate have been...

Exploits0
Positive Technologies
Positive Technologies
added 2024/12/14 12:0 a.m.4 views

PT-2024-17315 · WordPress · Stripe Donation Plugin

Name of the Vulnerable Software and Affected Versions: Stripe Donation plugin for WordPress versions 1.2.5 and earlier Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'stripe donation' shortcode due to insufficient input sanitization and output escaping on...

6.4CVSS6.2AI score
Exploits0References9
Patchstack
Patchstack
added 2024/11/28 12:20 p.m.9 views

WordPress Stripe Donation plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Stripe Donation versions = 1.2.5...

6.5CVSS6.1AI score0.00229EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/11/09 7:15 a.m.10 views

CVE-2024-10876

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.8.3. Thi...

6.1CVSS0.0036EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/09 6:41 a.m.6 views

CVE-2024-10876 Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.3 - Reflected Cross-Site Scripting

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.8.3. Thi...

6.1CVSS6.4AI score0.0036EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/09 6:41 a.m.18 views

CVE-2024-10876 Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.3 - Reflected Cross-Site Scripting

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.8.3. Thi...

6.1CVSS0.0036EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/29 4:36 p.m.19 views

CVE-2024-50459 WordPress AidWP plugin <= 3.2.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Hossni Mubarak AidWP wp-stripe-donation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AidWP: from n/a through = 3.2.3...

5.3CVSS5.9AI score0.004EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/29 4:36 p.m.40 views

CVE-2024-50459 WordPress AidWP plugin <= 3.2.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Hossni Mubarak AidWP wp-stripe-donation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AidWP: from n/a through = 3.2.3...

5.3CVSS0.004EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/29 12:0 a.m.5 views

PT-2024-34234 · WordPress · Wordpress Stripe Donation/Payment Plugin

Name of the Vulnerable Software and Affected Versions: WordPress Stripe Donation and Payment Plugin versions 3.2.3 and earlier Description: The issue is related to missing authorization in the HM Plugin WordPress Stripe Donation and Payment Plugin, allowing exploitation due to incorrectly...

9.8CVSS6.5AI score0.004EPSS
Exploits0References5
CVE
CVE
added 2024/10/16 2:5 a.m.71 views

CVE-2024-9634

CVE-2024-9634 affects GiveWP – Donation Plugin and Fundraising Platform for WordPress (

9.8CVSS10AI score0.01399EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.3 views

WordPress plugin GiveWP – Donation Plugin and Fundraising Platform 代码问题漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

9.8CVSS7.2AI score0.01399EPSS
Exploits0References2
NVD
NVD
added 2024/09/28 2:15 a.m.40 views

CVE-2024-8353

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input via several parameters like 'givetitle' and 'cardaddress'. This makes it possible for unauthenticate...

9.8CVSS0.28931EPSS
Exploits3References6
Vulnrichment
Vulnrichment
added 2024/09/28 2:4 a.m.31 views

CVE-2024-8353 GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Unauthenticated PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input via several parameters like 'givetitle' and 'cardaddress'. This makes it possible for unauthenticate...

10CVSS8AI score0.28931EPSS
Exploits3References6
Rows per page
Query Builder