ByteOS Network

CVE-2025-60045

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.5||HIGH

EPSS-0.06% / 17.75%

||

7 Day CHG~0.00%

Published-18 Dec, 2025 | 07:22

Updated-28 Apr, 2026 | 18:33

WordPress IDonatePro plugin <= 2.1.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeAtelier IDonatePro idonate-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects IDonatePro: from n/a through <= 2.1.11.

Vendor-ThemeAtelier

Product-IDonatePro

CWE ID-CWE-862

Missing Authorization

CVE-2025-58938

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.5||HIGH

EPSS-0.05% / 15.67%

||

7 Day CHG~0.00%

Published-18 Dec, 2025 | 07:21

Updated-28 Apr, 2026 | 16:13

WordPress IDonatePro plugin <= 2.1.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeAtelier IDonatePro idonate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonatePro: from n/a through <= 2.1.9.

Vendor-ThemeAtelier

Product-IDonatePro

CWE ID-CWE-862

Missing Authorization

CVE-2025-52752

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.04% / 12.31%

||

7 Day CHG~0.00%

Published-22 Oct, 2025 | 14:32

Updated-28 Apr, 2026 | 19:04

WordPress IDonatePro plugin <= 2.1.9 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeAtelier IDonatePro idonate-pro allows Retrieve Embedded Sensitive Data.This issue affects IDonatePro: from n/a through <= 2.1.9.

Vendor-ThemeAtelier

Product-IDonatePro

CWE ID-CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

CVE-2025-30635

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-8.1||HIGH

EPSS-0.16% / 36.12%

||

7 Day CHG+0.03%

Published-14 Aug, 2025 | 10:34

Updated-28 Apr, 2026 | 16:11

WordPress IDonatePro <= 2.1.9 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeAtelier IDonatePro idonate-pro allows PHP Local File Inclusion.This issue affects IDonatePro: from n/a through <= 2.1.9.

Vendor-ThemeAtelier

Product-IDonatePro

CWE ID-CWE-98

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

CVE-2025-30639

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.5||HIGH

EPSS-0.06% / 17.42%

||

7 Day CHG+0.01%

Published-14 Aug, 2025 | 10:34

Updated-28 Apr, 2026 | 16:11

WordPress IDonatePro Plugin <= 2.1.9 - Broken Access Control Vulnerability

Missing Authorization vulnerability in ThemeAtelier IDonatePro idonate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonatePro: from n/a through <= 2.1.9.

Vendor-ThemeAtelier

Product-IDonatePro

CWE ID-CWE-862

Missing Authorization

IDonatePro

Source -

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -