Vulnerabilities > Wpcharitable

DATE CVE VULNERABILITY TITLE RISK
2024-09-24 CVE-2024-8791 Authorization Bypass Through User-Controlled Key vulnerability in Wpcharitable Charitable
The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14.
network
low complexity
wpcharitable CWE-639
critical
9.8
2023-11-22 CVE-2023-47816 Unspecified vulnerability in Wpcharitable Charitable
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Charitable Donations & Fundraising Team Donation Forms by Charitable plugin <= 1.7.0.13 versions.
network
low complexity
wpcharitable
5.4
2023-08-23 CVE-2023-4404 Improper Privilege Management vulnerability in Wpcharitable Charitable
The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the 'update_core_user' function.
network
low complexity
wpcharitable CWE-269
critical
9.8
2023-05-10 CVE-2022-47441 Unspecified vulnerability in Wpcharitable Charitable
Unauth.
network
low complexity
wpcharitable
6.1
2021-08-23 CVE-2021-24531 Unspecified vulnerability in Wpcharitable Charitable
The Charitable – Donation Plugin WordPress plugin before 1.6.51 is affected by an authenticated stored cross-site scripting vulnerability which was found in the add donation feature.
network
low complexity
wpcharitable
5.4
2019-09-09 CVE-2018-21011 Information Exposure vulnerability in Wpcharitable Charitable
The charitable plugin before 1.5.14 for WordPress has unauthorized access to user and donation details.
network
low complexity
wpcharitable CWE-200
7.5