cleantalk
Vulnerabilities and Security Researches

GiveWP – Donation Plugin and Fundraising Platform, CVE-2024-35679

CVE, Research URL

CVE-2024-35679

Home page URL

Security reports for GiveWP – Donation Plugin and Fundraising Platform

Application

GiveWP – Donation Plugin and Fundraising Platform

Published on
Jun 08, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GiveWP allows Reflected XSS.This issue affects GiveWP: from n/a through 3.12.0.
Affected versions
Min -, max 3.12.1.
Status
vulnerable
Previous vulnerability researches
Donation Forms WP by Givecloud (CVE-2025-58842) , Sep 07, 2025
Giveaway Boost (CVE-2024-49332) , Oct 20, 2024
Giveaways and Contests by PromoSimple (CVE-2025-23934) , Jan 18, 2025
WPExperts Square For GiveWP (CVE-2024-13713) , Feb 22, 2025
WPExperts Square For GiveWP (CVE-2024-47338) , Sep 30, 2024
New vulnerability
Redis Object Cache , Sep 17, 2025
Zakra (CVE-2025-8595) , Sep 15, 2025
PDF Embedder , Sep 11, 2025
Pixeline's Email Protector (CVE-2025-58982) , Sep 11, 2025
Include Me (CVE-2025-58983) , Sep 11, 2025