Vulnerabilities > Codemenschen > Gift Vouchers > 4.2.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-20 | CVE-2024-13520 | Missing Authorization vulnerability in Codemenschen Gift Vouchers The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'update_voucher_price', 'update_voucher_date', 'update_voucher_note' functions in all versions up to, and including, 4.4.6. | 5.3 |
| 2023-03-22 | CVE-2023-28662 | SQL Injection vulnerability in Codemenschen Gift Vouchers The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action. | 9.8 |