| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-47338 | WordPress WPExperts Square For GiveWP plugin <= 1.3 - SQL Injection vulnerability | Saad Iqbal | WPExperts Square For GiveWP | High | 8.5 | 2024-10-06 12:58:43 | Deep Dive |
| CVE-2024-8353 | GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Unauthenticated PHP Object Injection | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Critical | 9.8 | 2024-09-28 02:04:28 | Deep Dive |
| CVE-2024-9130 | GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Authenticated (GiveWP Manager+) SQL Injection via order Parameter | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | High | 7.2 | 2024-09-27 05:31:03 | Deep Dive |
| CVE-2024-47315 | WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 3.15.1 - Cross Site Request Forgery (CSRF) vulnerability | StellarWP | GiveWP | Medium | 5.4 | 2024-09-25 17:32:56 | Deep Dive |
| CVE-2024-6551 | GiveWP <= 3.15.1 - Unauthenticated Full Path Disclosure | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Medium | 5.3 | 2024-08-29 10:59:41 | Deep Dive |
| CVE-2024-5940 | GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Unauthenticated Event Settings Update | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Medium | 6.5 | 2024-08-20 02:03:20 | Deep Dive |
| CVE-2024-5939 | GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Limited Information Exposure | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Medium | 5.3 | 2024-08-20 02:03:18 | Deep Dive |
| CVE-2024-5932 | GiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Critical | 10.0 | 2024-08-20 02:03:16 | Deep Dive |
| CVE-2024-5941 | GiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Missing Authorization to Authenticated (Subscriber+) Limited File Deletion | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Medium | 5.4 | 2024-08-20 02:03:15 | Deep Dive |
| CVE-2024-37099 | WordPress GiveWP plugin <= 3.14.1 - Unauthenticated PHP Object Injection vulnerability | Liquid Web | GiveWP | Critical | 10.0 | 2024-08-19 16:51:49 | Deep Dive |
| CVE-2024-5977 | GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Insecure Direct Object Reference to Authenticated (GiveWP Worker+) Arbitrary Post Actions | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Medium | 5.4 | 2024-07-19 11:01:41 | Deep Dive |
| CVE-2024-35679 | WordPress GiveWP plugin <= 3.12.0 - Reflected Cross Site Scripting (XSS) vulnerability | StellarWP | GiveWP | High | 7.1 | 2024-06-08 15:01:08 | Deep Dive |
| CVE-2024-3714 | GiveWP – Donation Plugin and Fundraising Platform <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Medium | 6.4 | 2024-05-18 04:30:53 | Deep Dive |
| CVE-2023-41665 | WordPress GiveWP plugin <= 2.33.0 - GiveWP Manager+ Privilege Escalation vulnerability | GiveWP | GiveWP | High | 8.8 | 2024-05-17 06:53:57 | Deep Dive |
| CVE-2024-1957 | GiveWP – Donation Plugin and Fundraising Platform <= 3.6.1 -- Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Medium | 6.4 | 2024-04-13 01:57:48 | Deep Dive |
| CVE-2022-40211 | WordPress GiveWP plugin <= 2.25.1 - Cross Site Scripting (XSS) via render_dropdown vulnerability | GiveWP | GiveWP | Medium | 5.9 | 2024-04-12 13:09:40 | Deep Dive |
| CVE-2024-1424 | GiveWP – Donation Plugin and Fundraising Platform <= 3.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Medium | 6.4 | 2024-04-09 18:59:19 | Deep Dive |
| CVE-2024-30229 | WordPress Give plugin <= 3.4.2 - PHP Object Injection vulnerability | StellarWP | GiveWP | High | 8.0 | 2024-03-28 04:51:37 | Deep Dive |
| CVE-2024-27987 | WordPress Give plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability | StellarWP | GiveWP | High | 7.1 | 2024-03-15 10:26:17 | Deep Dive |
| CVE-2023-51415 | WordPress GiveWP Plugin <= 3.2.2 is vulnerable to Cross Site Scripting (XSS) | GiveWP | GiveWP – Donation Plugin and Fundraising Platform | Medium | 6.5 | 2024-02-10 08:39:12 | Deep Dive |