CVE-2026-42642 WordPress GiveWP plugin <= 4.14.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in StellarWP GiveWP give allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GiveWP: from n/a through = 4.14.5...

WordPress GiveWP - Donation Plugin and Fundraising Platform plugin <= 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution vulnerability

WordPress GiveWP - Donation Plugin and Fundraising Platform plugin = 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution vulnerability discovered by villu164 in WordPress Plugin GiveWP versions = 3.14.1...

WordPress GiveWP - Donation plugin and Fundraising Platform plugin <= 4.6.0 - Unauthenticated Donor Data Exposure vulnerability

WordPress GiveWP - Donation plugin and Fundraising Platform plugin = 4.6.0 - Unauthenticated Donor Data Exposure vulnerability discovered by WordFence in WordPress Plugin GiveWP versions = 4.6.0...

CVE-2025-66533

CVE-2025-66533 is an authentication‑free vulnerability in GiveWP (WordPress donation plugin) that enables arbitrary shortcode execution through GiveWP versions affected up to 4.13.1. The issue is confirmed in the Wordfence Intelligence vulnerability tracking and is categorized as Improper Control...

WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 4.10.0 - Missing Authorization to Unauthenticated Forms and Campaigns Disclosure vulnerability

Missing Authorization to Unauthenticated Forms and Campaigns Disclosure vulnerability discovered by Rafshanzani Suhada in WordPress Plugin GiveWP versions = 4.10.0...

CVE-2025-47444 WordPress FiboSearch plugin <= 1.32.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through = 1.32.1...

CVE-2025-22777 WordPress GiveWP Plugin <= 3.19.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in StellarWP GiveWP give allows Object Injection.This issue affects GiveWP: from n/a through = 3.19.3...

CVE-2023-47183 WordPress GiveWP plugin <= 2.33.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in StellarWP GiveWP give allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GiveWP: from n/a through = 2.33.1...

WordPress GiveWP plugin <= 3.13.0 - Insecure Direct Object Reference to Authenticated (GiveWP Worker+) Arbitrary Post Actions vulnerability

Insecure Direct Object Reference to Authenticated GiveWP Worker+ Arbitrary Post Actions vulnerability discovered by Thanh Nam Tran in WordPress Plugin GiveWP versions = 3.13.0...

WordPress GiveWP Plugin <= 3.6.1 is vulnerable to Cross Site Scripting (XSS)

Software GiveWP Type Plugin Vulnerable versions = 3.6.1 Fixed in 3.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1957 Patch priority Low CVSS severity Low 6.5 Developer Liquid Web / StellarWP PSID f3cbd83f12af Credits Ngô Thiên An ancorn Requir...

WordPress GiveWP Plugin <= 2.33.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software GiveWP Type Plugin Vulnerable versions = 2.33.3 Fixed in 2.33.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-4247 Patch priority Low CVSS severity Low 4.3 Developer Liquid Web / StellarWP PSID fe1779b76e9b Credits Marco Wotschka...

WordPress GiveWP Plugin <= 2.33.0 is vulnerable to Privilege Escalation

Software GiveWP Type Plugin Vulnerable versions = 2.33.0 Fixed in 2.33.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-41665 Patch priority High CVSS severity High 7.2 Developer Liquid Web / StellarWP PSID db573163f3a2 Credits Rafie...

WordPress GiveWP plugin <= 2.20.2 - Donor Information Disclosure vulnerability

Donor Information Disclosure vulnerability discovered by Kane Gamble Blackfoot UK in WordPress GiveWP plugin versions = 2.20.2. Solution Update the WordPress GiveWP plugin to the latest available version at least 2.21.0...

WordPress GiveWP Plugin < 2.17.3 Multiple Vulnerabilities

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

WordPress GiveWP Plugin < 2.10.4 XSS Vulnerability

The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...