Vulnerabilities and security researches forgiveasap giveasap

Direction: ascending

Jun 07, 2024

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2021-24298

CVE, Research URL: CVE-2021-24298
Home page URL: Security reports for Simple Giveaways – Grow your business, email lists and traffic with contests
Application: Simple Giveaways – Grow your business, email lists and traffic with contests
Date: May 24, 2021
Research Description: The method and share GET parameters of the Giveaway pages were not sanitised, validated or escaped before being output back in the pages, thus leading to reflected XSS
Affected versions: Min -, max -.
Status: vulnerable

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2023-1121

CVE, Research URL: CVE-2023-1121
Home page URL: Security reports for Simple Giveaways – Grow your business, email lists and traffic with contests
Application: Simple Giveaways – Grow your business, email lists and traffic with contests
Date: Apr 10, 2023
Research Description: The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions: Min -, max -.
Status: vulnerable

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2023-1122

CVE, Research URL: CVE-2023-1122
Home page URL: Security reports for Simple Giveaways – Grow your business, email lists and traffic with contests
Application: Simple Giveaways – Grow your business, email lists and traffic with contests
Date: Apr 10, 2023
Research Description: The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its Giveaways options, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions: Min -, max -.
Status: vulnerable

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2023-31086

CVE, Research URL: CVE-2023-31086
Home page URL: Security reports for Simple Giveaways – Grow your business, email lists and traffic with contests
Application: Simple Giveaways – Grow your business, email lists and traffic with contests
Date: Nov 10, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple Giveaways – Grow your business, email lists and traffic with contests plugin <= 2.46.0 versions.
Affected versions: Min -, max -.
Status: vulnerable

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2023-1120

CVE, Research URL: CVE-2023-1120
Home page URL: Security reports for Simple Giveaways – Grow your business, email lists and traffic with contests
Application: Simple Giveaways – Grow your business, email lists and traffic with contests
Date: Apr 10, 2023
Research Description: The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions: Min -, max -.
Status: vulnerable

Jun 10, 2024

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2023-23893

CVE, Research URL: CVE-2023-23893
Home page URL: Security reports for Simple Giveaways – Grow your business, email lists and traffic with contests
Application: Simple Giveaways – Grow your business, email lists and traffic with contests
Date: Dec 09, 2024
Research Description: Missing Authorization vulnerability in Igor Benic Simple Giveaways allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Giveaways: from n/a through 2.48.0.
Affected versions: Min -, max -.
Status: vulnerable

Nov 15, 2024

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2022-4974

CVE, Research URL: CVE-2022-4974
Home page URL: Security reports for Simple Giveaways – Grow your business, email lists and traffic with contests
Application: Simple Giveaways – Grow your business, email lists and traffic with contests
Date: Oct 16, 2024
Research Description: The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
Affected versions: Min -, max -.
Status: vulnerable

Apr 02, 2025

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2025-30819

CVE, Research URL: CVE-2025-30819
Home page URL: Security reports for Simple Giveaways – Grow your business, email lists and traffic with contests
Application: Simple Giveaways – Grow your business, email lists and traffic with contests
Date: Mar 27, 2025
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Igor Benic Simple Giveaways allows SQL Injection. This issue affects Simple Giveaways: from n/a through 2.48.1.
Affected versions: Min -, max -.
Status: vulnerable

May 09, 2025

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2025-47606

CVE, Research URL: CVE-2025-47606
Home page URL: Security reports for Simple Giveaways – Grow your business, email lists and traffic with contests
Application: Simple Giveaways – Grow your business, email lists and traffic with contests
Date: May 07, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple Giveaways allows Cross Site Request Forgery. This issue affects Simple Giveaways: from n/a through 2.48.2.
Affected versions: Min -, max -.
Status: vulnerable

Vulnerabilities and security researches forgiveasap giveasap

Simple Giveaways &#8211; Grow your business, email lists and traffic with contests # CVE-2021-24298

Simple Giveaways &#8211; Grow your business, email lists and traffic with contests # CVE-2023-1121

Simple Giveaways &#8211; Grow your business, email lists and traffic with contests # CVE-2023-1122

Simple Giveaways &#8211; Grow your business, email lists and traffic with contests # CVE-2023-31086

Simple Giveaways &#8211; Grow your business, email lists and traffic with contests # CVE-2023-1120

Simple Giveaways &#8211; Grow your business, email lists and traffic with contests # CVE-2023-23893

Simple Giveaways &#8211; Grow your business, email lists and traffic with contests # CVE-2022-4974

Simple Giveaways &#8211; Grow your business, email lists and traffic with contests # CVE-2025-30819

Simple Giveaways &#8211; Grow your business, email lists and traffic with contests # CVE-2025-47606

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2021-24298

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2023-1121

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2023-1122

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2023-31086

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2023-1120

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2023-23893

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2022-4974

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2025-30819

Simple Giveaways – Grow your business, email lists and traffic with contests # CVE-2025-47606