Charitable Security Vulnerabilities and Issues — Charitable CVE List

WpcharitableCharitable

6 matches found

CVE•added 2023/08/23 1:58 a.m.•121 views

CVE-2023-4404

CVE-2023-4404: Privilege escalation in Donation Forms by Charitable for WordPress. Vulnerable in Charitable versions up to 1.7.0.12 due to insufficient restriction in update_core_user, allowing unauthenticated attackers to specify their role during registration. Wordfence and Red Hat advisories d...

9.8CVSS9.4AI score0.00296EPSS

CVE•added 2023/11/22 10:57 p.m.•70 views

CVE-2023-47816

CVE-2023-47816 affects the WordPress Charitable plugin called Charitable Donations & Fundraising Team Donation Forms. Vulnerable in versions

6.5CVSS5.8AI score0.00077EPSS

CVE•added 2024/09/24 2:31 a.m.•54 views

CVE-2024-8791

CVE-2024-8791 affects Charitable – Donation Plugin for WordPress (versions

9.8CVSS9.7AI score0.00288EPSS

CVE•added 2021/08/23 11:10 a.m.•46 views

CVE-2021-24531

CVE-2021-24531 affects the WordPress Charitable – Donation Plugin, versions before 1.6.51. Affected component: add donation feature. Root cause: authenticated stored cross-site scripting (XSS) in the add donation form, enabling script execution with authenticated access. Impact details in sources...

5.4CVSS5.1AI score0.00533EPSS

Web

CVE•added 2023/05/10 10:10 a.m.•38 views

CVE-2022-47441

CVE-2022-47441 affects the WordPress plugin Charitable Donations & Fundraising Team Donation Forms by Charitable, versions

7.1CVSS6.1AI score0.00287EPSS

CVE•added 2019/09/09 12:3 p.m.•32 views

CVE-2018-21011

CVE-2018-21011 affects the WordPress Charitable plugin prior to version 1.5.14, allowing unauthorized access to user and donation details. The issue stems from a vulnerability in the Charitable plugin that leads to information disclosure; CVSS metrics indicate a network-accessible flaw with mediu...

7.5CVSS7.5AI score0.00747EPSS