Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

WP Fundraising Donation and Crowdfunding Platform

Source -

CNA

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2025-47459
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.02% / 3.45%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 14:19
Updated-08 May, 2025 | 14:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WP Fundraising Donation and Crowdfunding Platform <= 1.7.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in XpeedStudio WP Fundraising Donation and Crowdfunding Platform allows Cross Site Request Forgery. This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.7.3.

Action-Not Available
Vendor-XpeedStudio
Product-WP Fundraising Donation and Crowdfunding Platform
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2024-34758
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.3||MEDIUM
EPSS-0.27% / 50.14%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 16:13
Updated-02 Aug, 2024 | 02:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress FundEngine – Donation and Crowdfunding Platform plugin <= 1.6.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4.

Action-Not Available
Vendor-Wpmetwpmet
Product-WP Fundraising Donation and Crowdfunding Platformwp_fundraising_donation_and_crowdfunding_platform
CWE ID-CWE-862
Missing Authorization
CVE-2022-0788
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-9.8||CRITICAL
EPSS-49.26% / 97.70%
||
7 Day CHG~0.00%
Published-06 Jun, 2022 | 08:50
Updated-05 Dec, 2024 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Fundraising Donation and Crowdfunding Platform < 1.5.0 - Unauthenticated SQLi

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users

Action-Not Available
Vendor-wpmetUnknown
Product-fundengineWP Fundraising Donation and Crowdfunding Platform
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')