cleantalk
Vulnerabilities and Security Researches

GiveWP – Donation Plugin and Fundraising Platform, CVE-2025-8620

CVE, Research URL

CVE-2025-8620

Home page URL

Security reports for GiveWP – Donation Plugin and Fundraising Platform

Application

GiveWP – Donation Plugin and Fundraising Platform

Published on
Aug 06, 2025
Research Description
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to extract donor names, emails, and donor id.
Affected versions
Min -, max 4.6.1.
Status
vulnerable
Previous vulnerability researches
3D Product configurator for WooCommerce (CVE-2022-1953) , Jun 07, 2024
New vulnerability
Newsletters (CVE-2025-54034) , Aug 07, 2025
FileBird – WordPress Media Library Folders & File Manager (CVE-2025-6986) , Aug 07, 2025
HT Mega – Absolute Addons For Elementor (CVE-2025-54695) , Aug 07, 2025
DELUCKS SEO (CVE-2025-48165) , Aug 07, 2025
Gutenberg Blocks – PublishPress Blocks Gutenberg Editor Plugin (CVE-2025-48332) , Aug 06, 2025