First published: Thu Jun 15 2023(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform plugin <= 2.25.1 versions.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Givewp Givewp | <2.25.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-25450.
CVE-2023-25450 has a severity level of 8.8 (high).
CVE-2023-25450 affects versions <= 2.25.1 of the GiveWP GiveWP – Donation Plugin and Fundraising Platform plugin.
To fix the vulnerability, update the GiveWP GiveWP – Donation Plugin and Fundraising Platform plugin to version 2.25.2 or higher.
Yes, you can find more information about CVE-2023-25450 at this link: [https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-2-25-1-cross-site-request-forgery-csrf-via-give-cache-flush-vulnerability?_s_id=cve](https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-2-25-1-cross-site-request-forgery-csrf-via-give-cache-flush-vulnerability?_s_id=cve)