givewp
Web & CMS Pluginscommercial
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting givewp.
- CVE-2025-13206GiveWP - Donation Plugin and Fundraising Platform <= 4.13.0 - Unauthenticated Stored Cross-Site Scripting via 'name'7.2
- CVE-2025-11228GiveWP – Donation Plugin and Fundraising Platform <= 4.10.0 - Missing Authorization to Unauthenticated Forms-Campaign Association5.3
- CVE-2025-11227GiveWP – Donation Plugin and Fundraising Platform <= 4.10.0 - Missing Authorization to Unauthenticated Forms and Campaigns Disclosure6.5
- CVE-2025-7221GiveWP – Donation Plugin and Fundraising Platform <= 4.5.0 - Missing Authorization to Donation Update4.3
- CVE-2025-8620GiveWP – Donation Plugin and Fundraising Platform <= 4.6.0 - Unauthenticated Donor Data Exposure5.3
- CVE-2025-7205GiveWP – Donation Plugin and Fundraising Platform <= 4.5.0 - Authenticated (GiveWP worker+) Stored Cross-Site Scripting5.4
- CVE-2025-4571GiveWP – Donation Plugin and Fundraising Platform <= 4.3.0 - Missing Authorization To Authenticated (Contributor+) Campaign Data View And Modification5.4
- CVE-2025-2331GiveWP – Donation Plugin and Fundraising Platform <= 3.22.1 - Authenticated (Subscriber+) Sensitive Information Exposure5.3
- CVE-2025-2025Give <= 3.22.0 - Missing Authorization to Unauthenticated Arbitrary Earning Reports Disclosure via give_reports_earnings Function6.5
- CVE-2025-0912GiveWP – Donation Plugin and Fundraising Platform <= 3.19.4 - Unauthenticated PHP Object Injection9.8
- CVE-2025-22777WordPress GiveWP Plugin <= 3.19.3 - PHP Object Injection vulnerability9.8
- CVE-2024-12877GiveWP – Donation Plugin and Fundraising Platform <= 3.19.2 - Unauthenticated PHP Object Injection9.8
- CVE-2023-23672WordPress GiveWP plugin <= 2.25.1 - Arbitrary Content Deletion vulnerability5.4
- CVE-2023-47183WordPress GiveWP plugin <= 2.33.1 - Broken Access Control vulnerability5.3
- CVE-2024-11921Give < 3.19.0 - Reflected XSS4.8