cleantalk
Vulnerabilities and Security Researches

GiveWP – Donation Plugin and Fundraising Platform, CVE-2025-8620

CVE, Research URL

CVE-2025-8620

Home page URL

Security reports for GiveWP – Donation Plugin and Fundraising Platform

Application

GiveWP – Donation Plugin and Fundraising Platform

Published on
Aug 06, 2025
Research Description
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to extract donor names, emails, and donor id.
Affected versions
Min -, max 4.6.1.
Status
vulnerable
Previous vulnerability researches
Chatbox Manager (CVE-2025-48167) , Jul 19, 2025
Chatbox Manager (CVE-2025-30790) , Mar 28, 2025
New vulnerability
Easiest Sales Funnel Builder For WordPress & WooCommerce by WPFunnels (CVE-2025-54696) , Aug 06, 2025
Exclusive Addons for Elementor (CVE-2025-7498) , Aug 06, 2025
Advanced Custom Fields (ACF) (CVE-2012-10025) , Aug 06, 2025
Classified Listing – Classified ads & Business Directory Plugin (CVE-2025-54698) , Aug 06, 2025
Graphina – Elementor Charts and Graphs (CVE-2025-23968) , Aug 06, 2025