CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Givewp: >> Givewp >> 2.12.0 Security Vulnerabilities

CVE-2022-0252

The GiveWP WordPress plugin before 2.17.3 does not escape the json parameter before outputting it back in an attribute in the Import admin dashboard, leading to a Reflected Cross-Site Scripting

CVSS Score

6.1

EPSS Score

0.002

Published

2022-02-21

CVE-2021-25099

The GiveWP WordPress plugin before 2.17.3 does not sanitise and escape the form_id parameter before outputting it back in the response of an unauthenticated request via the give_checkout_login AJAX action, leading to a Reflected Cross-Site Scripting

CVSS Score

6.1

EPSS Score

0.024

Published

2022-02-21

CVE-2021-25100

The GiveWP WordPress plugin before 2.17.3 does not escape the s parameter before outputting it back in an attribute in the Donation Forms dashboard, leading to a Reflected Cross-Site Scripting

CVSS Score

6.1

EPSS Score

0.002

Published

2022-02-21

Prev

Page 6

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved