WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection

WordPress WP Fundraising Donation and Crowdfunding Platform plugin before 1.5.0 contains an unauthenticated SQL injection vulnerability. It does not sanitize and escape a parameter before using it in a SQL statement via a REST route. An attacker can possibly obtain sensitive information, modify...

PHPJabbers Fundraising Script v1.0 - Cross-Site Scripting

PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting XSS via the "action" parameter of index.php. id: CVE-2023-40751 info: name: PHPJabbers Fundraising Script v1.0 - Cross-Site Scripting author: ritikchaddha severity: medium description: | PHPJabbers Fundraising Script v1.0 is...

GiveWP - PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. id: CVE-2024-5932 info: name: GiveWP - PHP Object Injection author:...

CVE-2022-0788

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users...

WordPress plugin GiveWP – Donation Plugin and Fundraising Platform 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scriptin...

WordPress GiveWP - Donation plugin and Fundraising Platform plugin <= 4.13.0 - Unauthenticated Stored Cross-Site Scripting via 'name' vulnerability

WordPress GiveWP - Donation plugin and Fundraising Platform plugin = 4.13.0 - Unauthenticated Stored Cross-Site Scripting via 'name' vulnerability discovered by shark3y in WordPress Plugin GiveWP versions = 4.13.0...

EUVD-2020-14990

Malware in sbrugna...

EUVD-2020-14988

Malware in sbrugna...

EUVD-2020-14989

Malware in sbrugna...

EUVD-2020-14987

Malware in sbrugna...

CVE-2025-11228 GiveWP – Donation Plugin and Fundraising Platform <= 4.10.0 - Missing Authorization to Unauthenticated Forms-Campaign Association

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the registerAssociateFormsWithCampaign function in all versions up to, and including, 4.10.0. This makes it possible for unauthenticat...

CVE-2025-11227

CVE-2025-11227 concerns the GiveWP – Donation Plugin and Fundraising Platform for WordPress. Wordfence and related feeds document a vulnerability in all versions up to 4.10.0 where missing capability checks in REST endpoints (registerGetForm, registerGetForms, registerGetCampaign, registerGetCamp...

EUVD-2023-29405

Malicious code in bioql PyPI...

EUVD-2024-47068

Malicious code in bioql PyPI...

EUVD-2023-45315

Malicious code in bioql PyPI...

EUVD-2023-32815

Malicious code in bioql PyPI...

EUVD-2024-36720

Malicious code in bioql PyPI...

EUVD-2024-36717

Malicious code in bioql PyPI...

EUVD-2023-45304

Malicious code in bioql PyPI...

EUVD-2024-35028

Malicious code in bioql PyPI...