cleantalk
Vulnerabilities and Security Researches

GiveWP – Donation Plugin and Fundraising Platform, CVE-2026-42642

CVE, Research URL

CVE-2026-42642

Home page URL

Security reports for GiveWP – Donation Plugin and Fundraising Platform

Application

GiveWP – Donation Plugin and Fundraising Platform

Published on
Apr 29, 2026
Research Description
Missing Authorization vulnerability in StellarWP GiveWP give allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GiveWP: from n/a through <= 4.14.5.
Affected versions
max 4.14.6.
Status
vulnerable
Previous vulnerability researches
Logo Carousel Gutenberg Block (CVE-2025-2083) , Apr 16, 2025
New vulnerability
Image Widget (CVE-2026-42643) , May 01, 2026
Five Star Restaurant Reservations &#8211; WordPress Booking Plugin (CVE-2026-6498) , May 01, 2026
WordPress Tag and Category Manager &#8211; AI Autotagger (CVE-2026-42646) , May 01, 2026
GiveWP &#8211; Donation Plugin and Fundraising Platform (CVE-2026-42642) , May 01, 2026
Spectra &#8211; WordPress Gutenberg Blocks (CVE-2026-42648) , May 01, 2026