Description
WordPress Plugin GiveWP-Donation and Fundraising Platform is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently bypass API authentication methods and access personally identifiable user information. WordPress Plugin GiveWP-Donation and Fundraising Platform version 2.5.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.5.5 or latest
References
Related Vulnerabilities
WordPress Plugin Smart Google Code Inserter Multiple Vulnerabilities (3.4)
WordPress Plugin Edit Comments SQL Injection (0.3)
WordPress Plugin Event Tickets CSV Injection (4.10.7.1)
WordPress Plugin jRSS Widget 'url' Parameter Directory Traversal (1.1.1)
WordPress Plugin Alphabetic Pagination Security Bypass (3.0.7)