cleantalk
Vulnerabilities and Security Researches

GiveWP – Donation Plugin and Fundraising Platform, CVE-2022-40312

CVE, Research URL

CVE-2022-40312

Home page URL

Security reports for GiveWP – Donation Plugin and Fundraising Platform

Application

GiveWP – Donation Plugin and Fundraising Platform

Published on
Dec 18, 2023
Research Description
Server-Side Request Forgery (SSRF) vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform.This issue affects GiveWP – Donation Plugin and Fundraising Platform: from n/a through 2.25.1.
Affected versions
Min -, max 2.25.2.
Status
vulnerable
Previous vulnerability researches
Giveaway Boost (CVE-2024-49332) , Oct 20, 2024
Giveaways and Contests by PromoSimple (CVE-2025-23934) , Jan 18, 2025
WPExperts Square For GiveWP (CVE-2024-13713) , Feb 22, 2025
WPExperts Square For GiveWP (CVE-2024-47338) , Sep 30, 2024
Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more (CVE-2024-11898) , Dec 06, 2024
New vulnerability
WP Last Modified (CVE-2025-28907) , Mar 13, 2025
Lunar – Sell photos online (CVE-2025-28936) , Mar 13, 2025
Skrill Official (CVE-2025-28876) , Mar 13, 2025
WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins (CVE-2025-2250) , Mar 13, 2025
All-in-One WP Migration (CVE-2024-10942) , Mar 13, 2025