CVE-2021-24524

Summary

The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.12.0 did not escape the Donation Level setting of its Donation Forms, allowing high privilege users to use Cross-Site Scripting payloads in them.

Affected Software

VendorProductVersion RangeStatus
UnknownGiveWP – Donation Plugin and Fundraising Platform2.12.0 < 2.12.0affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References