The weakness allowed unauthenticated users to bypass API authentication methods and potentially access personally identifiable user information (PII) like names, addresses, IP addresses, and email addresses which should not be publicly accessible.
www.wordfence.com/blog/2019/09/authentication-bypass-vulnerability-in-givewp-plugin/