15 matches found
WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection
WordPress WP Fundraising Donation and Crowdfunding Platform plugin before 1.5.0 contains an unauthenticated SQL injection vulnerability. It does not sanitize and escape a parameter before using it in a SQL statement via a REST route. An attacker can possibly obtain sensitive information, modify...
CVE-2022-0788
The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users...
EUVD-2024-35028
Malicious code in bioql PyPI...
EUVD-2025-13856
Malicious code in bioql PyPI...
CVE-2024-34758
Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4...
CVE-2025-47459
Cross-Site Request Forgery CSRF vulnerability in Roxnor FundEngine wp-fundraising-donation allows Cross Site Request Forgery.This issue affects FundEngine: from n/a through = 1.7.3...
CVE-2025-47459
Cross-Site Request Forgery CSRF vulnerability in Roxnor FundEngine wp-fundraising-donation allows Cross Site Request Forgery.This issue affects FundEngine: from n/a through = 1.7.3...
CVE-2025-47459 WordPress WP Fundraising Donation and Crowdfunding Platform <= 1.7.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in XpeedStudio WP Fundraising Donation and Crowdfunding Platform allows Cross Site Request Forgery. This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.7.3...
CVE-2025-47459
CVE-2025-47459 is a CSRF vulnerability in the WordPress plugin WP Fundraising Donation and Crowdfunding Platform (affected versions: up to 1.7.3). The available connected sources describe the issue and confirm a fix was released in version 1.7.3, with CVSS 3.1 base score 4.3 (Medium) and no explo...
CVE-2024-34758
Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4...
CVE-2024-34758
CVE-2024-34758 is a Missing Authorization (broken access control) vulnerability in the WP Fundraising Donation and Crowdfunding Platform (FundEngine) plugin for WordPress, affecting versions up to 1.6.4. Multiple sources confirm the issue and track it under CVE-2024-34758; Red Hat and NVD descrip...
CVE-2024-34758 WordPress FundEngine – Donation and Crowdfunding Platform plugin <= 1.6.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4...
Sql injection
The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users...
CVE-2022-0788
WordPress WP Fundraising Donation and Crowdfunding Platform plugin before 1.5.0 has an unauthenticated SQL injection via a REST route due to not sanitizing/escaping a parameter in a SQL statement. Impact per connected data: potential data disclosure, data modification, and potentially unauthorize...
CVE-2022-0788 WP Fundraising Donation and Crowdfunding Platform < 1.5.0 - Unauthenticated SQLi
The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users...