Shodan
Vulnerabilities
Vulnerable Software
Givewp:  >> Givewp  >> 2.11.2  Security Vulnerabilities
CVE-2022-0252
The GiveWP WordPress plugin before 2.17.3 does not escape the json parameter before outputting it back in an attribute in the Import admin dashboard, leading to a Reflected Cross-Site Scripting
CVSS Score
6.1
EPSS Score
0.002
Published
2022-02-21
CVE-2021-25099
The GiveWP WordPress plugin before 2.17.3 does not sanitise and escape the form_id parameter before outputting it back in the response of an unauthenticated request via the give_checkout_login AJAX action, leading to a Reflected Cross-Site Scripting
CVSS Score
6.1
EPSS Score
0.024
Published
2022-02-21
CVE-2021-25100
The GiveWP WordPress plugin before 2.17.3 does not escape the s parameter before outputting it back in an attribute in the Donation Forms dashboard, leading to a Reflected Cross-Site Scripting
CVSS Score
6.1
EPSS Score
0.002
Published
2022-02-21
CVE-2021-24524
The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.12.0 did not escape the Donation Level setting of its Donation Forms, allowing high privilege users to use Cross-Site Scripting payloads in them.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-08-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved