Security Advisory

CVE-2021-24524

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-23 11:09:59

Last updated 2024-08-03 19:35:20

Assigner WPScan

State PUBLISHED

Description

The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.12.0 did not escape the Donation Level setting of its Donation Forms, allowing high privilege users to use Cross-Site Scripting payloads in them.

← Browse all CVEs View on cve.org ↗