Beta

Report

GiveWP <= 2.3.0 is vulnerable to Reflected Cross-Site Scripting (XSS) vulnerability

Unauthenticated
Published
2019-03-11

The "Donation Plugin and Fundraising Platform" plugin before 2.3.1 for WordPress has wp-admin/edit.php csv XSS.

CVE

https://www.cve.org/CVERecord?id=CVE-2019-9909

CVSS

Score:6.1

Severity:Medium

Version: 2.3.0

There is a patch available in v2.3.1 and we strongly recommend you update to this version as soon as possible.