Lucene search

Wp Fundraising Donation And Crowdfunding Platform Security Vulnerabilities

cve

CVE-2022-0788

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users

9.8CVSS

9.8AI Score

0.04EPSS

2022-06-08 10:15 AM

cve

CVE-2024-34758

Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4.

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-11 05:16 PM

cve

CVE-2024-6698

The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible for authenticated attackers, with subscriber-level ...

8.8CVSS

8.8AI Score

0.001EPSS

2024-08-01 04:15 AM