Givewp

Givewp

61 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2022-40211

  • EPSS 0.42%
  • Veröffentlicht 12.04.2024 13:15:14
  • Zuletzt bearbeitet 28.04.2026 19:18:45

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GiveWP allows Stored XSS.This issue affects GiveWP: from n/a through 2.25.1.

5.4

CVE-2024-1424

  • EPSS 0.43%
  • Veröffentlicht 09.04.2024 19:15:17
  • Zuletzt bearbeitet 08.04.2026 19:20:41

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 3.5.1 due to insufficient input sanitization and output escapi...

7.2

CVE-2024-30229

  • EPSS 0.62%
  • Veröffentlicht 28.03.2024 05:15:51
  • Zuletzt bearbeitet 23.04.2026 15:18:10

Deserialization of Untrusted Data vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through <= 3.4.2.

6.1

CVE-2024-27987

  • EPSS 0.35%
  • Veröffentlicht 15.03.2024 11:15:09
  • Zuletzt bearbeitet 23.04.2026 15:18:06

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through <= 3.3.1.

5.4

CVE-2023-51415

  • EPSS 0.33%
  • Veröffentlicht 10.02.2024 09:15:07
  • Zuletzt bearbeitet 28.04.2026 19:22:44

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform allows Stored XSS.This issue affects GiveWP – Donation Plugin and Fundraising Platform: fro...

9.8

CVE-2023-0224

Exploit
  • EPSS 3.74%
  • Veröffentlicht 16.01.2024 16:15:10
  • Zuletzt bearbeitet 13.06.2025 16:15:24

The GiveWP WordPress plugin before 2.24.1 does not properly escape user input before it reaches SQL queries, which could let unauthenticated attackers perform SQL Injection attacks

4.3

CVE-2023-4248

  • EPSS 0.25%
  • Veröffentlicht 11.01.2024 09:15:46
  • Zuletzt bearbeitet 08.04.2026 17:17:01

The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.33.3. This is due to missing or incorrect nonce validation on the give_stripe_disconnect_connect_stripe_account function. This makes it po...

5.4

CVE-2023-4247

  • EPSS 0.26%
  • Veröffentlicht 11.01.2024 09:15:46
  • Zuletzt bearbeitet 08.04.2026 19:18:30

The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.33.3. This is due to missing or incorrect nonce validation on the give_sendwp_disconnect function. This makes it possible for unauthentica...

4.3

CVE-2023-4246

  • EPSS 0.24%
  • Veröffentlicht 11.01.2024 09:15:46
  • Zuletzt bearbeitet 08.04.2026 19:18:30

The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.33.3. This is due to missing or incorrect nonce validation on the give_sendwp_remote_install_handler function. This makes it possible for ...

9.8

CVE-2023-32513

  • EPSS 0.59%
  • Veröffentlicht 28.12.2023 11:15:08
  • Zuletzt bearbeitet 28.04.2026 19:20:28

Deserialization of Untrusted Data vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform.This issue affects GiveWP – Donation Plugin and Fundraising Platform: from n/a through 2.25.3.