CVE-2021-24213

Name of the Vulnerable Software and Affected Versions: GiveWP – Donation Plugin and Fundraising Platform versions prior to 2.10.0

Description: The issue is related to a reflected Cross-Site Scripting vulnerability inside the administration panel. This vulnerability can be exploited via the s GET parameter on the "Donors" page.

Recommendations: For versions prior to 2.10.0, update to version 2.10.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Donors page in the administration panel until the update is applied. Avoid using the s GET parameter in the affected page until the issue is resolved.