5 matches found
WordPress GiveWP - Donation plugin and Fundraising Platform plugin <= 4.6.0 - Unauthenticated Donor Data Exposure vulnerability
WordPress GiveWP - Donation plugin and Fundraising Platform plugin = 4.6.0 - Unauthenticated Donor Data Exposure vulnerability discovered by WordFence in WordPress Plugin GiveWP versions = 4.6.0...
CVE-2025-8620
The vulnerability concerns the WordPress plugin GiveWP – Donation Plugin and Fundraising Platform. Affected versions are prior to 4.6.1 (and up to 4.6.0 per NVD/Red Hat entries). The issue is an Information Exposure that allows unauthenticated attackers to extract donor data (names, emails, donor...
PT-2025-12481 · Givewp · Givewp
Name of the Vulnerable Software and Affected Versions: GiveWP – Donation Plugin and Fundraising Platform versions up to, and including, 3.22.1 Description: The issue allows authenticated attackers with Subscriber-level access and above to extract sensitive data, including reports detailing donors...
CVE-2021-4377
The Doneren met Mollie plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.8.5 via the dmmexportdonations function which is called via the adminpostdmmexport hook due to missing capability checks. This can allow authenticated attackers to extract a CS...
PT-2023-12488 · WordPress · Doneren Met Mollie
Name of the Vulnerable Software and Affected Versions: Doneren met Mollie plugin for WordPress versions up to and including 2.8.5 Description: The issue concerns Sensitive Data Exposure due to missing capability checks in the dmm export donations function, which is called via the admin post dmm...