Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 41 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-13206 GiveWP - Donation Plugin and Fundraising Platform <= 4.13.0 - Unauthenticated Stored Cross-Site Scripting via 'name' stellarwpGiveWP – Donation Plugin and Fundraising Platform High 7.2 2025-11-19 07:46:08 Deep Dive
CVE-2025-11228 GiveWP – Donation Plugin and Fundraising Platform <= 4.10.0 - Missing Authorization to Unauthenticated Forms-Campaign Association stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 5.3 2025-10-04 02:24:38 Deep Dive
CVE-2025-11227 GiveWP – Donation Plugin and Fundraising Platform <= 4.10.0 - Missing Authorization to Unauthenticated Forms and Campaigns Disclosure stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 6.5 2025-10-04 02:24:35 Deep Dive
CVE-2025-7221 GiveWP – Donation Plugin and Fundraising Platform <= 4.5.0 - Missing Authorization to Donation Update stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 4.3 2025-08-21 05:28:14 Deep Dive
CVE-2025-8620 GiveWP – Donation Plugin and Fundraising Platform <= 4.6.0 - Unauthenticated Donor Data Exposure stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 5.3 2025-08-06 09:22:33 Deep Dive
CVE-2025-7205 GiveWP – Donation Plugin and Fundraising Platform <= 4.5.0 - Authenticated (GiveWP worker+) Stored Cross-Site Scripting stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 5.4 2025-07-31 07:25:01 Deep Dive
CVE-2025-4571 GiveWP – Donation Plugin and Fundraising Platform <= 4.3.0 - Missing Authorization To Authenticated (Contributor+) Campaign Data View And Modification stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 5.4 2025-06-19 06:44:49 Deep Dive
CVE-2025-2331 GiveWP – Donation Plugin and Fundraising Platform <= 3.22.1 - Authenticated (Subscriber+) Sensitive Information Exposure stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 5.3 2025-03-22 11:18:42 Deep Dive
CVE-2025-2025 Give <= 3.22.0 - Missing Authorization to Unauthenticated Arbitrary Earning Reports Disclosure via give_reports_earnings Function stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 6.5 2025-03-15 11:13:28 Deep Dive
CVE-2025-0912 GiveWP – Donation Plugin and Fundraising Platform <= 3.19.4 - Unauthenticated PHP Object Injection stellarwpGiveWP – Donation Plugin and Fundraising Platform Critical 9.8 2025-03-04 03:37:59 Deep Dive
CVE-2024-12877 GiveWP – Donation Plugin and Fundraising Platform <= 3.19.2 - Unauthenticated PHP Object Injection stellarwpGiveWP – Donation Plugin and Fundraising Platform Critical 9.8 2025-01-11 07:21:54 Deep Dive
CVE-2024-9634 GiveWP – Donation Plugin and Fundraising Platform <= 3.16.3 - Unauthenticated PHP Object Injection to Remote Code Execution stellarwpGiveWP – Donation Plugin and Fundraising Platform Critical 9.8 2024-10-16 02:05:09 Deep Dive
CVE-2024-8353 GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Unauthenticated PHP Object Injection stellarwpGiveWP – Donation Plugin and Fundraising Platform Critical 9.8 2024-09-28 02:04:28 Deep Dive
CVE-2024-9130 GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Authenticated (GiveWP Manager+) SQL Injection via order Parameter stellarwpGiveWP – Donation Plugin and Fundraising Platform High 7.2 2024-09-27 05:31:03 Deep Dive
CVE-2024-6551 GiveWP <= 3.15.1 - Unauthenticated Full Path Disclosure stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 5.3 2024-08-29 10:59:41 Deep Dive
CVE-2024-5940 GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Unauthenticated Event Settings Update stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 6.5 2024-08-20 02:03:20 Deep Dive
CVE-2024-5939 GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Limited Information Exposure stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 5.3 2024-08-20 02:03:18 Deep Dive
CVE-2024-5932 GiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution stellarwpGiveWP – Donation Plugin and Fundraising Platform Critical 10.0 2024-08-20 02:03:16 Deep Dive
CVE-2024-5941 GiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Missing Authorization to Authenticated (Subscriber+) Limited File Deletion stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 5.4 2024-08-20 02:03:15 Deep Dive
CVE-2024-5977 GiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Insecure Direct Object Reference to Authenticated (GiveWP Worker+) Arbitrary Post Actions stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 5.4 2024-07-19 11:01:41 Deep Dive