Vulnerabilities > Givewp > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-31 | CVE-2020-20627 | Missing Authentication for Critical Function vulnerability in Givewp The includes/gateways/stripe/includes/admin/admin-actions.php in GiveWP plugin through 2.5.9 for WordPress allows unauthenticated settings change. | 5.3 |
2019-08-22 | CVE-2019-15317 | Cross-site Scripting vulnerability in Givewp The give plugin before 2.4.7 for WordPress has XSS via a donor name. | 5.4 |
2019-03-22 | CVE-2019-9909 | Cross-site Scripting vulnerability in Givewp The "Donation Plugin and Fundraising Platform" plugin before 2.3.1 for WordPress has wp-admin/edit.php csv XSS. | 6.1 |