Vulnerabilities > Wpcharitable
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-24 | CVE-2024-8791 | Authorization Bypass Through User-Controlled Key vulnerability in Wpcharitable Charitable The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. | 9.8 |
| 2023-11-22 | CVE-2023-47816 | Cross-site Scripting vulnerability in Wpcharitable Charitable Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Charitable Donations & Fundraising Team Donation Forms by Charitable plugin <= 1.7.0.13 versions. | 5.4 |
| 2023-08-23 | CVE-2023-4404 | Improper Privilege Management vulnerability in Wpcharitable Charitable The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the 'update_core_user' function. | 9.8 |
| 2023-05-10 | CVE-2022-47441 | Cross-site Scripting vulnerability in Wpcharitable Charitable Unauth. | 6.1 |
| 2021-08-23 | CVE-2021-24531 | Cross-site Scripting vulnerability in Wpcharitable Charitable The Charitable – Donation Plugin WordPress plugin before 1.6.51 is affected by an authenticated stored cross-site scripting vulnerability which was found in the add donation feature. | 5.4 |
| 2019-09-09 | CVE-2018-21011 | Information Exposure vulnerability in Wpcharitable Charitable The charitable plugin before 1.5.14 for WordPress has unauthorized access to user and donation details. | 7.5 |