cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches fordoneren-met-mollie doneren-met-mollie

Direction: ascending
Jun 06, 2024

Doneren met Mollie # 7f2da1339778100d41136a20c055e4204f8a04f9

CVE, Research URL

7f2da1339778100d41136a20c055e4204f8a04f9

Home page URL

Security reports for Doneren met Mollie

Application

Doneren met Mollie

Date
Jan 22, 2021
Research Description
Doneren met Mollie [doneren-met-mollie] < 2.8.5 WordPress Doneren met Mollie plugin <= 2.8.4 - Authenticated Information Disclosure vulnerability Authenticated Information Disclosure vulnerability found by Jerome Bruandet in WordPress Doneren met Mollie plugin (versions <= 2.8.4).
Affected versions
Min -, max -.
Status
vulnerable

Doneren met Mollie # CVE-2021-4377

CVE, Research URL

CVE-2021-4377

Home page URL

Security reports for Doneren met Mollie

Application

Doneren met Mollie

Date
Jun 07, 2023
Research Description
The Doneren met Mollie plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.8.5 via the dmm_export_donations() function which is called via the admin_post_dmm_export hook due to missing capability checks. This can allow authenticated attackers to extract a CSV file that contains sensitive information about the donors.
Affected versions
Min -, max -.
Status
vulnerable

Doneren met Mollie # CVE-2024-29767

CVE, Research URL

CVE-2024-29767

Home page URL

Security reports for Doneren met Mollie

Application

Doneren met Mollie

Date
Mar 27, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wobbie.Nl Doneren met Mollie allows Reflected XSS.This issue affects Doneren met Mollie: from n/a through 2.10.2.
Affected versions
Min -, max -.
Status
vulnerable
Mar 28, 2025

Doneren met Mollie # CVE-2025-30779

CVE, Research URL

CVE-2025-30779

Home page URL

Security reports for Doneren met Mollie

Application

Doneren met Mollie

Date
Mar 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Doneren met Mollie allows Stored XSS. This issue affects Doneren met Mollie: from n/a through 2.10.7.
Affected versions
Min -, max -.
Status
vulnerable