Vulnerabilities > Codemenschen > Gift Vouchers > 2.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-20 | CVE-2024-13520 | Missing Authorization vulnerability in Codemenschen Gift Vouchers The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'update_voucher_price', 'update_voucher_date', 'update_voucher_note' functions in all versions up to, and including, 4.4.6. | 5.3 |
| 2023-03-22 | CVE-2023-28662 | SQL Injection vulnerability in Codemenschen Gift Vouchers The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action. | 9.8 |
| 2018-08-30 | CVE-2018-16159 | SQL Injection vulnerability in Codemenschen Gift Vouchers The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request. | 9.8 |