Lucene search
K

15 matches found

Nuclei
Nuclei
added yesterday57 views

WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection

WordPress WP Fundraising Donation and Crowdfunding Platform plugin before 1.5.0 contains an unauthenticated SQL injection vulnerability. It does not sanitize and escape a parameter before using it in a SQL statement via a REST route. An attacker can possibly obtain sensitive information, modify...

9.8CVSS7.3AI score0.07879EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.10 views

CVE-2022-0788

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users...

9.8CVSS7.6AI score0.07879EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-35028

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00401EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-13856

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:53 a.m.6 views

CVE-2024-34758

Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4...

5.3CVSS6.9AI score0.00401EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/09 3:25 p.m.5 views

CVE-2025-47459

Cross-Site Request Forgery CSRF vulnerability in Roxnor FundEngine wp-fundraising-donation allows Cross Site Request Forgery.This issue affects FundEngine: from n/a through = 1.7.3...

4.3CVSS7.2AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 3:15 p.m.9 views

CVE-2025-47459

Cross-Site Request Forgery CSRF vulnerability in Roxnor FundEngine wp-fundraising-donation allows Cross Site Request Forgery.This issue affects FundEngine: from n/a through = 1.7.3...

4.3CVSS0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 2:19 p.m.5 views

CVE-2025-47459 WordPress WP Fundraising Donation and Crowdfunding Platform <= 1.7.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in XpeedStudio WP Fundraising Donation and Crowdfunding Platform allows Cross Site Request Forgery. This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.7.3...

4.3CVSS4.6AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 2:19 p.m.40 views

CVE-2025-47459

CVE-2025-47459 is a CSRF vulnerability in the WordPress plugin WP Fundraising Donation and Crowdfunding Platform (affected versions: up to 1.7.3). The available connected sources describe the issue and confirm a fix was released in version 1.7.3, with CVSS 3.1 base score 4.3 (Medium) and no explo...

4.3CVSS7.2AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2024/06/11 5:16 p.m.23 views

CVE-2024-34758

Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4...

5.3CVSS0.00401EPSS
Exploits0References1
CVE
CVE
added 2024/06/11 4:13 p.m.59 views

CVE-2024-34758

CVE-2024-34758 is a Missing Authorization (broken access control) vulnerability in the WP Fundraising Donation and Crowdfunding Platform (FundEngine) plugin for WordPress, affecting versions up to 1.6.4. Multiple sources confirm the issue and track it under CVE-2024-34758; Red Hat and NVD descrip...

5.3CVSS5.7AI score0.00401EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/11 4:13 p.m.25 views

CVE-2024-34758 WordPress FundEngine – Donation and Crowdfunding Platform plugin <= 1.6.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4...

5.3CVSS0.00401EPSS
Exploits0References1
Prion
Prion
added 2022/06/08 10:15 a.m.23 views

Sql injection

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users...

7.5CVSS9.8AI score0.07879EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2022/06/06 8:50 a.m.132 views

CVE-2022-0788

WordPress WP Fundraising Donation and Crowdfunding Platform plugin before 1.5.0 has an unauthenticated SQL injection via a REST route due to not sanitizing/escaping a parameter in a SQL statement. Impact per connected data: potential data disclosure, data modification, and potentially unauthorize...

9.8CVSS9.8AI score0.07879EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/06/06 8:50 a.m.29 views

CVE-2022-0788 WP Fundraising Donation and Crowdfunding Platform < 1.5.0 - Unauthenticated SQLi

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users...

10AI score0.07879EPSS
Exploits2References1
Rows per page
Query Builder