CVE-2021-24524

The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.12.0 did not escape the Donation Level setting of its Donation Forms, allowing high privilege users to use Cross-Site Scripting payloads in them.
References
Configurations

Configuration 1

cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:*

Information

Published : 2021-08-23 12:15

Updated : 2021-08-26 06:42


NVD link : CVE-2021-24524

Mitre link : CVE-2021-24524

Products Affected
No products.
CWE