Количество 2
Количество 2
CVE-2025-11154
The IDonate WordPress plugin before 2.1.13 does not have authorisation and CSRF when deleting users via an action handler, allowing unauthenticated attackers to delete arbitrary users.
GHSA-xxxg-8p58-2qqv
The IDonate WordPress plugin before 2.1.13 does not have authorisation and CSRF when deleting users via an action handler, allowing unauthenticated attackers to delete arbitrary users.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-11154 The IDonate WordPress plugin before 2.1.13 does not have authorisation and CSRF when deleting users via an action handler, allowing unauthenticated attackers to delete arbitrary users. | CVSS3: 5.4 | 0% Низкий | 7 дней назад |
| GHSA-xxxg-8p58-2qqv The IDonate WordPress plugin before 2.1.13 does not have authorisation and CSRF when deleting users via an action handler, allowing unauthenticated attackers to delete arbitrary users. | CVSS3: 5.4 | 0% Низкий | 7 дней назад |
Уязвимостей на страницу