PT-2025-32146 · WordPress · Givewp – Donation Plugin/Fundraising Platform
Kxkv
·
Published
2025-08-06
·
Updated
2025-08-12
·
CVE-2025-8620
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
GiveWP – Donation Plugin and Fundraising Platform versions prior to 4.6.1
Description
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is susceptible to information exposure. This allows unauthenticated attackers to extract donor names, emails, and donor IDs.
Recommendations
Update GiveWP – Donation Plugin and Fundraising Platform to version 4.6.1 or later.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Givewp – Donation Plugin/Fundraising Platform