CVE-2025-4571 – GiveWP – Donation Plugin and Fundraising Platform Unauthenticated Data Disclosure and Modification Vulnerability

June 19, 2025

CVE ID : CVE-2025-4571

Published : June 19, 2025, 7:15 a.m. | 3 hours, 21 minutes ago

Description : The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized view and modification of data due to an insufficient capability check on the permissionsCheck functions in all versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to view or delete fundraising campaigns, view donors’ data, modify campaign events, etc.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4965 – WordPress WPBakery Page Builder Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-5490 – WordPress Football Pool Stored Cross-Site Scripting Vulnerability

IBM launches new integration to help unify AI security and governance

Meet Accessible UX Research, A Brand-New Smashing Book

Modernizing your approach to governance, risk and compliance

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

RAIDOU Remastered: The Mystery of the Soulless Army Review (PC) – A well-done action-RPG remaster that makes me hopeful for more revivals of classic Atlus titles

With Windows 10 circling the drain, Windows 11 sees a long-overdue surge

This PC app boosts FPS in any game on any GPU for only $7 — and it just got a major update

Sam Altman claims Meta is trying to poach OpenAI staffers with $100 million bonuses, but “none of our best people have decided to take them up on that”

Why Inclusive Design Solutions Are important for Accessibility

Why Inclusive Design Solutions Are important for Accessibility

Microsoft Copilot for Power Platform

Integrate Coveo Atomic CLI-Based Hosted Search Page into Adobe Experience Manager (AEM)

RAIDOU Remastered: The Mystery of the Soulless Army Review (PC) – A well-done action-RPG remaster that makes me hopeful for more revivals of classic Atlus titles

RAIDOU Remastered: The Mystery of the Soulless Army Review (PC) – A well-done action-RPG remaster that makes me hopeful for more revivals of classic Atlus titles

With Windows 10 circling the drain, Windows 11 sees a long-overdue surge

This PC app boosts FPS in any game on any GPU for only $7 — and it just got a major update

CVE-2025-4571 – GiveWP – Donation Plugin and Fundraising Platform Unauthenticated Data Disclosure and Modification Vulnerability

CVE-2025-5490 – WordPress Football Pool Stored Cross-Site Scripting Vulnerability

CVE-2025-4965 – WordPress WPBakery Page Builder Stored Cross-Site Scripting Vulnerability

CVE-2025-5990 – Crafty Controller Stored XSS Vulnerability

CVE-2025-3847 – Markparticle WebServer SQL Injection Vulnerability

Rilasciato Mozilla Firefox 139: Tutte le Novità

CVE-2024-13344 – WooCommerce Advance Seat Reservation SQL Injection

I put my Bose QuietComfort Ultra away within hours of testing these headphones

Canvas App Components: A Crash Course for Power Apps Developers

CVE-2022-50223 – LoongArch Linux Kernel CPUInfo Information Disclosure Vulnerability

Critical CVSS 10.0 Flaws in B. Braun OnlineSuite Threaten Healthcare Infrastructure

CVE-2025-4571 – GiveWP – Donation Plugin and Fundraising Platform Unauthenticated Data Disclosure and Modification Vulnerability

Related Posts