|Category:||Web application abuses|
|Title:||WordPress GiveWP Plugin < 2.5.10 Multiple Vulnerabilities|
|Summary:||The WordPress plugin GiveWP is prone to multiple vulnerabilities.|
The WordPress plugin GiveWP is prone to multiple vulnerabilities.
There are multiple authenticated and unauthenticated settings change vulnerabilities.
Additionally the 'give_get_ip' function in 'includes/misc-functions.php' lacks proper validation
and will accept arbitrary IP addresses in the 'Client-IP' field.
Successful exploitation would allow an attacker to
disable all email notifications sent to the admin or have other unspecified impact.
WordPress GiveWP plugin through version 2.5.9.
Update to version 2.5.10 or later.
Common Vulnerability Exposure (CVE) ID: CVE-2020-20627|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.