Description
WordPress Plugin Donations is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin Donations version 1.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.4 or latest
References
https://blog.nintechnet.com/privilege-escalation-vulnerability-in-wordpress-nd-donations-plugin/
https://plugins.svn.wordpress.org/nd-donations/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin Contact Form Email Multiple Vulnerabilities (1.1.4)
WordPress Plugin Import any XML or CSV File to WordPress Pro Multiple Vulnerabilities (4.1.1)
WebLogic Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21350)
Oracle Application Server CVE-2008-4017 Vulnerability (CVE-2008-4017)
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.2)