CVE-2025-4571 – GiveWP – Donation Plugin and Fundraising Platform Unauthenticated Data Disclosure and Modification Vulnerability

June 19, 2025

CVE ID : CVE-2025-4571

Published : June 19, 2025, 7:15 a.m. | 3 hours, 21 minutes ago

Description : The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized view and modification of data due to an insufficient capability check on the permissionsCheck functions in all versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to view or delete fundraising campaigns, view donors’ data, modify campaign events, etc.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4965 – WordPress WPBakery Page Builder Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-5490 – WordPress Football Pool Stored Cross-Site Scripting Vulnerability

Highlights

CVE-2025-49011 – SpiceDB Denial of Authorization Vulnerability

June 6, 2025

CVE ID : CVE-2025-49011

Published : June 6, 2025, 6:15 p.m. | 1 hour, 33 minutes ago

Description : SpiceDB is an open source database for storing and querying fine-grained authorization data. Prior to version 1.44.2, on schemas involving arrows with caveats on the arrow’ed relation, when the path to resolve a CheckPermission request involves the evaluation of multiple caveated branches, requests may return a negative response when a positive response is expected. Version 1.44.2 fixes the issue. As a workaround, do not use caveats in the schema over an arrow’ed relation.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-47573 – Mojoomla School Management SQL Injection

June 17, 2025

CVE-2025-46786 – Zoom Workplace Apps XML External Entity (XXE) Injection Vulnerability

May 14, 2025

“The original Mass Effect trilogy was absolutely an inspiration.” The RPG experts behind WH40K: Rogue Trader are hitting it big with ‘The Expanse: Osiris Reborn’

June 8, 2025

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

Development Release: Ubuntu 25.10 Beta

Development Release: Linux Mint 7 Beta “LMDE”

Student Performance Prediction System using Python Machine Learning (ML)

Student Performance Prediction System using Python Machine Learning (ML)

The attack on the npm ecosystem continues

Feature Highlight

Hyprland Made Easy: Preconfigured Beautiful Distros

Hyprland Made Easy: Preconfigured Beautiful Distros

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

CVE-2025-4571 – GiveWP – Donation Plugin and Fundraising Platform Unauthenticated Data Disclosure and Modification Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

AI personas you can use to support your entire UX process

The Cryptography Handbook: Exploring RSA PKCSv1.5, OAEP, and PSS

Firefox 34 disables SSL 3.0 and tackles eight security fixes

CVE-2025-47189 – Netwrix Directory Manager Cross-Site Scripting Vulnerability

CVE-2025-49011 – SpiceDB Denial of Authorization Vulnerability

CVE-2025-47573 – Mojoomla School Management SQL Injection

CVE-2025-46786 – Zoom Workplace Apps XML External Entity (XXE) Injection Vulnerability

“The original Mass Effect trilogy was absolutely an inspiration.” The RPG experts behind WH40K: Rogue Trader are hitting it big with ‘The Expanse: Osiris Reborn’

CVE-2025-4571 – GiveWP – Donation Plugin and Fundraising Platform Unauthenticated Data Disclosure and Modification Vulnerability

Related Posts