impress-org/givewp

impress-org/givewp

Releases329

Frequency1 week 5 days

Last Release 21 days ago

Stars366

GiveWP - The #1 Donation Plugin for WordPress. Easily accept donations and fundraise using your WordPress website.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-47444 ↗	Aug 12, 2025Tuesday, 12 August 2025, 07:15	5.3 MEDIUM	—
Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through <= 1.32.1.
CVE-2025-8620 ↗	Aug 6, 2025Wednesday, 6 August 2025, 10:15	5.3 MEDIUM	—
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to extract donor names, emails, and donor id. CVE-2025-47444 is a duplicate of this issue. CVE-2025-47444 is a duplicate of this issue.
CVE-2019-13578 ↗	Aug 15, 2019Thursday, 15 August 2019, 16:15	9.8 CRITICAL	7.5 HIGH
A SQL injection vulnerability exists in the Impress GiveWP Give plugin through 2.5.0 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/payments/class-payments-query.php.