cleantalk
Vulnerabilities and Security Researches

Whydonate – FREE Donate button – Crowdfunding – Fundraising, CVE-2025-49899

CVE, Research URL

CVE-2025-49899

Home page URL

Security reports for Whydonate – FREE Donate button – Crowdfunding – Fundraising

Application

Whydonate – FREE Donate button – Crowdfunding – Fundraising

Published on
Oct 22, 2025
Research Description
Missing Authorization vulnerability in jjlemstra Whydonate wp-whydonate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Whydonate: from n/a through <= 4.0.15.
Affected versions
max 4.0.16.
Status
vulnerable
Previous vulnerability researches
Child Themes Helper (CVE-2025-25093) , Feb 05, 2025
New vulnerability
ShopLentor – WooCommerce Builder for Elementor &amp; Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-11823) , Nov 11, 2025
ShopLentor – WooCommerce Builder for Elementor &amp; Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-12493) , Nov 11, 2025
Gravity Forms Google Sheet Connector (CVE-2025-8606) , Nov 11, 2025
Gravity Forms Google Sheet Connector (CVE-2025-8593) , Nov 11, 2025
Robokassa payment gateway for Woocommerce (CVE-2025-49958) , Nov 11, 2025