Every CVE whose affected-product data names Wpmet Fundengine, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-0788 — CVSS 9.8 (critical): The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using…
CVE-2024-6698 — CVSS 8.8 (high): The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the…