CVE-2025-4523 | IDonate Plugin up to 2.0.0/2.1.9 on WordPress admin_donor_profile_view donor authorization

Inserito da Angelo Barbosa | Lug 31, 2025 | CVE

A vulnerability classified as problematic was found in IDonate Plugin up to 2.0.0/2.1.9 on WordPress. This vulnerability affects the function admin_donor_profile_view. The manipulation of the argument donor leads to missing authorization.

This vulnerability was named CVE-2025-4523. The attack can be initiated remotely. There is no exploit available.

CVE-2025-4523 | IDonate Plugin up to 2.0.0/2.1.9 on WordPress admin_donor_profile_view donor authorization

Post correlati

CVE-2024-31146 | Xen PCI Device access control

CVE-2024-28987 | SolarWinds Web Help Desk up to 12.8.3 Hotfix 1 hard-coded credentials

CVE-2024-56015 | John Godley Tidy Up Plugin up to 1.3 on WordPress cross-site request forgery

CVE-2024-26098 | Adobe Experience Manager up to 6.5.19 Form Field cross site scripting (apsb24-21)