3 matches found
WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection
WordPress WP Fundraising Donation and Crowdfunding Platform plugin before 1.5.0 contains an unauthenticated SQL injection vulnerability. It does not sanitize and escape a parameter before using it in a SQL statement via a REST route. An attacker can possibly obtain sensitive information, modify...
CVE-2024-34758 WordPress FundEngine – Donation and Crowdfunding Platform plugin <= 1.6.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4...
CVE-2024-34758
CVE-2024-34758 is a Missing Authorization (broken access control) vulnerability in the WP Fundraising Donation and Crowdfunding Platform (FundEngine) plugin for WordPress, affecting versions up to 1.6.4. Multiple sources confirm the issue and track it under CVE-2024-34758; Red Hat and NVD descrip...