Givewp Latest Vulnerabilities

Latest vulnerabilities published by givewp

2 January 2025

WordPress GiveWP plugin <= 2.33.1 - Broken Access Control vulnerability
CVE-2023-47183
GiveWPGiveWP5.3MEDIUM

27 December 2024

Reflected Cross-Site Scripting Vulnerability in GiveWP WordPress Plugin
CVE-2024-11921
GiveWPGiveWP👾🟡

28 September 2024

Unsafe Deserialization Vulnerability in GiveWP Plugin Allows for PHP Object Injection and File Delete
CVE-2024-8353
GiveWPGiveWP👾🟡9.8CRITICAL

25 September 2024

CSRF Vulnerability in GiveWP
CVE-2024-47315
GiveWPGiveWP8.8HIGH

8 June 2024

GiveWP: Reflected XSS Vulnerability Affects Versions 3.12.0 and Below
CVE-2024-35679
GiveWPGiveWP6.1MEDIUM

17 May 2024

Privilege Escalation Vulnerability Affects GiveWP from n/a through 2.33.0
CVE-2023-41665
GiveWPGiveWP8.8HIGH

12 April 2024

GiveWP Stored XSS Vulnerability
CVE-2022-40211
GiveWPGiveWP5.9MEDIUM

28 March 2024

Deserialization of Untrusted Data Vulnerability Affects GiveWP
CVE-2024-30229
GiveWPGiveWP8HIGH

15 March 2024

GiveWP Give Vulnerable to Reflected Cross-site Scripting
CVE-2024-27987
GiveWPGive7.1HIGH

10 February 2024

Cross-site Scripting (XSS) Vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform
CVE-2023-51415
GiveWPGiveWP – Donation Plug...6.5MEDIUM

16 January 2024

GiveWP < 2.24.1 - Unauthenticated SQLi
CVE-2023-0224
GiveWPGiveWP👾🟡9.8CRITICAL

28 December 2023

WordPress GiveWP Plugin <= 2.25.3 is vulnerable to PHP Object Injection
CVE-2023-32513
GiveWPGiveWP – Donation Plug...7.5HIGH

18 December 2023

WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Server Side Request Forgery (SSRF)
CVE-2022-40312
GiveWPGiveWP – Donation Plug...5.5MEDIUM

7 November 2023

WordPress GiveWP Plugin <= 2.25.1 is vulnerable to CSV Injection
CVE-2023-22719
GiveWPGiveWP9.8CRITICAL

15 June 2023

WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-25450
GiveWPGiveWP – Donation Plug...5.4MEDIUM

8 May 2023

WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-23668
GiveWPGiveWP5.4MEDIUM

13 February 2023

GiveWP < 2.24.0 - Contributor+ Stored XSS
CVE-2022-4448
GiveWPGiveWP5.4MEDIUM

1 August 2022

21 July 2022

WordPress GiveWP plugin <= 2.20.2 - Authenticated Arbitrary File Creation via Export function vulnerability
CVE-2022-28700
GiveWPGiveWP (WordPress Plugin)9.1CRITICAL

12 July 2022

WordPress GiveWP plugin <= 2.20.2 - Authenticated Arbitrary File Read via Export function vulnerability
CVE-2022-31475
GiveWPGiveWP (WordPress Plugin)5.5MEDIUM

21 February 2022

23 August 2021

GiveWP < 2.12.0 - Authenticated Stored XSS
CVE-2021-24524
GiveWPGiveWP – Donation Plug...4.8MEDIUM