A vulnerability classified as problematic was found in IDonate Plugin up to 2.1.9 on WordPress. Affected by this issue is the function admin_post_donor_delete. The manipulation of the argument user_id results in improper control of resource identifiers.

This vulnerability is cataloged as CVE-2025-4522. The attack may be launched remotely. There is no exploit available.