Donation Button Project Donation Button — known CVE vulnerabilities
Every CVE whose affected-product data names Donation Button Project Donation Button, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-4005 — CVSS 5.4 (medium): The Donation Button WordPress plugin through 4.0.0 does not sanitize and escapes some parameters, which could allow users with a role as…
CVE-2022-4004 — CVSS 4.3 (medium): The Donation Button WordPress plugin through 4.0.0 does not properly check for privileges and nonce tokens in its "donation_button_twilio_se…