cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-10876,https://securityvulnerability.io/vulnerability/CVE-2024-10876,Unescorted Execution of Arbitrary Web Scripts via Reflected Cross-Site Scripting in Donation Plugin for WordPress,"The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.8.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",Wordpress,Charitable – Donation Plugin For WordPress – Fundraising With Recurring Donations & More,6.1,MEDIUM,0.0005200000014156103,false,,false,false,false,,false,false,2024-11-09T06:41:30.286Z,0
CVE-2024-8791,https://securityvulnerability.io/vulnerability/CVE-2024-8791,Unauthenticated Attackers Can Access and Update User Accounts,"A vulnerability exists in the Charitable – Donations Plugin & Fundraising Platform for WordPress that allows for privilege escalation across all versions up to and including 1.8.1.14. This security flaw stems from the plugin's inadequate verification of a user's identity when the ID parameter is provided through the update_core_user() function. As a result, attackers lacking authentication can manipulate user accounts, potentially changing email addresses and passwords for any user, including those with administrator privileges. This exposure can lead to significant unauthorized access and control over user accounts, emphasizing the need for prompt remediation.",Wordpress,Charitable – Donation Plugin For WordPress – Fundraising With Recurring Donations & More,9.8,CRITICAL,0.0006300000241026282,false,,false,false,false,,false,false,2024-09-24T02:31:00.740Z,0