Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GiveWP — Vulnerabilities & Security Advisories 17

All 17 CVE vulnerabilities found in GiveWP, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2025-67467 WordPress GiveWP plugin <= 4.13.1 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 5.4 Medium2025-12-09
CVE-2025-66533 WordPress GiveWP plugin <= 4.13.1 - Arbitrary Shortocde Execution vulnerability CWE-94 6.5 Medium2025-12-09
CVE-2025-22777 WordPress GiveWP Plugin <= 3.19.3 - PHP Object Injection vulnerability CWE-502 9.8 Critical2025-01-13
CVE-2023-23672 WordPress GiveWP plugin <= 2.25.1 - Arbitrary Content Deletion vulnerability CWE-862 5.4 Medium2025-01-02
CVE-2023-47183 WordPress GiveWP plugin <= 2.33.1 - Broken Access Control vulnerability CWE-862 7.1 -2025-01-02
CVE-2024-11921 Give < 3.19.0 - Reflected XSS 6.1 -2024-12-27
CVE-2024-47315 WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 3.15.1 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 5.4 Medium2024-09-25
CVE-2024-37099 WordPress GiveWP plugin <= 3.14.1 - Unauthenticated PHP Object Injection vulnerability CWE-502 10.0 Critical2024-08-19
CVE-2024-35679 WordPress GiveWP plugin <= 3.12.0 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2024-06-08
CVE-2023-41665 WordPress GiveWP plugin <= 2.33.0 - GiveWP Manager+ Privilege Escalation vulnerability CWE-269 8.8 High2024-05-17
CVE-2022-40211 WordPress GiveWP plugin <= 2.25.1 - Cross Site Scripting (XSS) via render_dropdown vulnerability CWE-79 5.9 Medium2024-04-12
CVE-2024-30229 WordPress Give plugin <= 3.4.2 - PHP Object Injection vulnerability CWE-502 8.0 High2024-03-28
CVE-2024-27987 WordPress Give plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2024-03-15
CVE-2023-0224 GiveWP < 2.24.1 - Unauthenticated SQLi 9.8AICriticalAI2024-01-16
CVE-2023-22719 WordPress GiveWP Plugin <= 2.25.1 is vulnerable to CSV Injection CWE-1236 8.8 -2023-11-07
CVE-2023-23668 WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Cross Site Scripting (XSS) CWE-79 6.5 Medium2023-05-08
CVE-2022-4448 GiveWP < 2.24.0 - Contributor+ Stored XSS 5.4 -2023-02-13

All 17 known CVE vulnerabilities affecting GiveWP with full Chinese analysis, references, and POCs where available.