Wpcharitable Charitable — known CVE vulnerabilities
Every CVE whose affected-product data names Wpcharitable Charitable, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-4404 — CVSS 9.8 (critical): The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due…
CVE-2024-8791 — CVSS 9.8 (critical): The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege…
CVE-2018-21011 — CVSS 7.5 (high): The charitable plugin before 1.5.14 for WordPress has unauthorized access to user and donation details.
CVE-2022-47441 — CVSS 7.1 (high): Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Charitable Donations & Fundraising Team Donation Forms by Charitable plugin…
CVE-2023-47816 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Charitable Donations & Fundraising…
CVE-2021-24531 — CVSS 5.4 (medium): The Charitable – Donation Plugin WordPress plugin before 1.6.51 is affected by an authenticated stored cross-site scripting vulnerability…