Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:EBF00B36-E8CC-4315-AF6C-B7EF304F927B
HistoryNov 24, 2023 - 12:00 a.m.

GiveWP < 2.33.2 - Missing Authorization via handleBeforeGateway

2023-11-2400:00:00
wpscan.com
1
wordpress
givewp
vulnerability

7 High

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

JSON

Description The GiveWP plugin for WordPress is vulnerable to unauthorized donation form access due to a missing check on the handleBeforeGateway function that would ensure that a donation form can be used and is not trashed in versions up to, and including, 2.33.1. There is no real security impact, but such trashed donation forms could still receive donations in vulnerable versions.

CPENameOperatorVersion
eq2.33.2

Related

wordfence 1
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (October 30, 2023 to November 5, 2023)
2023-11-09 18:38:31

7 High

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

JSON
Related for WPVDB-ID:EBF00B36-E8CC-4315-AF6C-B7EF304F927B
wordfence1