cleantalk
Vulnerabilities and Security Researches

Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers, CVE-2025-66064

CVE, Research URL

CVE-2025-66064

Home page URL

Security reports for Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers

Application

Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers

Published on
Nov 21, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Giveaways and Contests by RafflePress rafflepress allows Cross Site Request Forgery.This issue affects Giveaways and Contests by RafflePress: from n/a through <= 1.12.20.
Affected versions
max 1.12.20.
Status
vulnerable
Previous vulnerability researches
Giveaways and Contests by RafflePress &#8211; Get More Website Traffic, Email Subscribers, and Social Followers (CVE-2024-10107) , Apr 17, 2025
Giveaways and Contests by RafflePress &#8211; Get More Website Traffic, Email Subscribers, and Social Followers (CVE-2024-3963) , Jul 15, 2024
Giveaways and Contests by RafflePress &#8211; Get More Website Traffic, Email Subscribers, and Social Followers (CVE-2025-49997) , Jun 22, 2025
Giveaways and Contests by RafflePress &#8211; Get More Website Traffic, Email Subscribers, and Social Followers (CVE-2024-6887) , Sep 13, 2024
Giveaways and Contests by RafflePress &#8211; Get More Website Traffic, Email Subscribers, and Social Followers (CVE-2024-4745) , Jun 07, 2024
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs &#8211; Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025