WordPress WhyDonate - FREE Donate button - Crowdfunding - Fundraising plugin <= 4.0.15 - Missing Authorization to Unauthenticated wp_wdplugin_style Rww Deletion vulnerability

WordPress WhyDonate - FREE Donate button - Crowdfunding - Fundraising plugin = 4.0.15 - Missing Authorization to Unauthenticated wpwdpluginstyle Rww Deletion vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Whydonate versions = 4.0.15...

CVE-2025-10186

CVE-2025-10186 affects the WordPress plugin “WhyDonate – FREE Donate button – Crowdfunding – Fundraising”. The vulnerability is an unauthorized data loss due to a missing capability check in the remove_row function, applicable to all versions up to and including 4.0.14. Unauthenticated attackers ...

CVE-2025-10186 WhyDonate – FREE Donate button – Crowdfunding – Fundraising <= 4.0.14 - Missing Authorization to Unauthenticated wp_wdplugin_style Rww Deletion

The WhyDonate – FREE Donate button – Crowdfunding – Fundraising plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the removerow function in all versions up to, and including, 4.0.14. This makes it possible for unauthenticated attackers to delete...

CVE-2025-10186 WhyDonate – FREE Donate button – Crowdfunding – Fundraising <= 4.0.15 - Missing Authorization to Unauthenticated wp_wdplugin_style Rww Deletion

The WhyDonate – FREE Donate button – Crowdfunding – Fundraising plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the removerow function in all versions up to, and including, 4.0.15. This makes it possible for unauthenticated attackers to delete...

EUVD-2025-34562

The WhyDonate – FREE Donate button – Crowdfunding – Fundraising plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the removerow function in all versions up to, and including, 4.0.14. This makes it possible for unauthenticated attackers to delete...