Server-Side Request Forgery (SSRF) vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform.This issue affects GiveWP – Donation Plugin and Fundraising Platform: from n/a through 2.25.1.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-12-18
Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP.This issue affects GiveWP: from n/a through 2.25.1.
CVSS Score
9.8
EPSS Score
0.007
Published
2023-11-07
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform plugin <= 2.25.1 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-06-15
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in GiveWP plugin <= 2.25.1 versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-05-08
The GiveWP WordPress plugin before 2.24.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
CVSS Score
5.4
EPSS Score
0.003
Published
2023-02-13
Page 5