Wp Crowdfunding Security Vulnerabilities and Issues — Wp Crowdfunding CVE List

Lucene search

ThemeumWp Crowdfunding

3 matches found

CVE•added 2024/12/13 3:15 p.m.•41 views

CVE-2023-41870

Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.5.

8.8CVSS4.7AI score0.00397EPSS

CVE•added 2024/12/13 9:15 a.m.•39 views

CVE-2024-11910

The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wp-crowdfunding/search block in all versions up to, and including, 2.1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-le...

6.4CVSS5.8AI score0.0004EPSS

CVE•added 2024/12/13 9:15 a.m.•36 views

CVE-2024-11911

The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the install_woocommerce_plugin() function action in all versions up to, and including, 2.1.12. This makes it possible for authenticated attackers, with Subscriber-level ac...

4.3CVSS4.4AI score0.00045EPSS