CVE-2021-24213

Summary

The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.0 was affected by a reflected Cross-Site Scripting vulnerability inside of the administration panel, via the 's' GET parameter on the Donors page.

Affected Software

VendorProductVersion RangeStatus
GiveWPGiveWP – Donation Plugin and Fundraising Platform2.4.0 < 2.4.0*affected
GiveWPGiveWP – Donation Plugin and Fundraising Platform2.10.0 < 2.10.0affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References