cleantalk
Vulnerabilities and Security Researches

Doneren met Mollie, CVE-2021-4377

CVE, Research URL

CVE-2021-4377

Home page URL

Security reports for Doneren met Mollie

Application

Doneren met Mollie

Published on
Jun 07, 2023
Research Description
The Doneren met Mollie plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.8.5 via the dmm_export_donations() function which is called via the admin_post_dmm_export hook due to missing capability checks. This can allow authenticated attackers to extract a CSV file that contains sensitive information about the donors.
Affected versions
Min -, max 2.8.5.
Status
vulnerable
Previous vulnerability researches
Doneren met Mollie (7f2da1339778100d41136a20c055e4204f8a04f9) , Jun 06, 2024
Doneren met Mollie (CVE-2021-4377) , Jun 06, 2024
Doneren met Mollie (CVE-2024-29767) , Jun 06, 2024
Doneren met Mollie (CVE-2025-30779) , Mar 28, 2025
New vulnerability
ABC Notation (CVE-2025-31895) , Apr 03, 2025
Leartes TRY Exchange Rates (CVE-2025-31783) , Apr 03, 2025
Essential Real Estate (CVE-2025-30849) , Apr 03, 2025
SMS Abandoned Cart Recovery ✦ CartBoss (CVE-2025-31865) , Apr 03, 2025
HTML Forms (CVE-2025-31080) , Apr 03, 2025