Описание
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to extract donor names, emails, and donor id.
Ссылки
- Issue Tracking
- Patch
- Permissions Required
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.6.1 (исключая)
cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 15%
0.0005
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.3
github
около 1 месяца назад
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to extract donor names, emails, and donor id.
EPSS
Процентиль: 15%
0.0005
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-200