CVE-2025-8620

Medium CVSS: 5.3

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to extract donor names, emails, and donor id.

Vendor

Givewp

Product

Givewp

CWE

CWE-200

Yayın Tarihi

2025-08-06 10:15:35

Güncelleme

2025-08-12 16:33:03

Source Identifier

security@wordfence.com

KEV Date Added

Kategoriler

CWE-200 Givewp MEDIUM Givewp 2025

Referanslar

https://github.com/impress-org/givewp/issues/8042 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3336253%40give&new=3336253%40give&sfp_email=&sfph_mail= https://www.linkedin.com/posts/givewp_givewp-support-handpicked-from-the-best-activity-7356319738290974720-Dt4U/?utm_source=share&utm_medium=member_desktop&rcm=ACoAABmBk5UBxPIzCp0cgsD1_1xKASTMphetnI4 https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc7c5a6-513e-4aa8-9538-0ac6fb37c867?source=cve

Benzer Kayıtlar

High

CVE-2025-13206

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting…

Medium

CVE-2025-11228

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of…

Medium

CVE-2025-11227

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all…

Medium

CVE-2025-7221

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of…

Medium

CVE-2025-7205

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting…

Medium

CVE-2025-4571

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized view and modifi…