4:["$","div",null,{"className":"wrap","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"CollectionPage\",\"name\":\"Exposure of GiveWP\",\"url\":\"https://vexday.io/en/tech/GiveWP\",\"isPartOf\":{\"@type\":\"WebSite\",\"name\":\"Vexday\",\"url\":\"https://vexday.io\"},\"mainEntity\":{\"@type\":\"ItemList\",\"numberOfItems\":20},\"breadcrumb\":{\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https://vexday.io/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Exposure by technology\",\"item\":\"https://vexday.io/en/tech\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"GiveWP\"}]}}"}}],["$","nav",null,{"className":"crumbs","children":[["$","$La",null,{"href":"/en","children":"Home"}]," ",["$","span",null,{"children":"/"}]," ",["$","$La",null,{"href":"/en/tech","children":"Exposure by technology"}]," ",["$","span",null,{"children":"/"}]," ",["$","b",null,{"children":"GiveWP"}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":18},"children":[["$","h1",null,{"style":{"fontSize":"1.7rem","margin":0,"fontFamily":"var(--font-display)","fontWeight":700},"children":["Exposure of"," ",["$","span",null,{"style":{"color":"var(--orange)"},"children":"GiveWP"}]]}],["$","span",null,{"className":"t","children":"Fundraising & donations, WordPress plugins"}]]}],["$","div",null,{"className":"band","style":{"marginTop":16},"children":[["$","div",null,{"className":"stat","children":[["$","div",null,{"className":"n","children":"37"}],["$","div",null,{"className":"l","children":"exposure score"}]]}],["$","div",null,{"className":"stat","children":[["$","div",null,{"className":"n","children":"7,069"}],["$","div",null,{"className":"l","children":"sites use"}]]}],["$","div",null,{"className":"stat kev","children":[["$","div",null,{"className":"n","children":"0"}],["$","div",null,{"className":"l","children":"exploited"}]]}],["$","div",null,{"className":"stat crit","children":[["$","div",null,{"className":"n","children":"3"}],["$","div",null,{"className":"l","children":"critical"}]]}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":24},"children":[["$","h2",null,{"children":"CVEs"}],["$","span",null,{"className":"t","children":["20"," ","results"]}]]}],["$","div",null,{"className":"list","children":[["$","$La","CVE-2023-0224",{"className":"item","href":"/en/cve/CVE-2023-0224","children":[["$","span",null,{"className":"cid","children":"CVE-2023-0224"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"GiveWP < 2.24.1 - Unauthenticated SQLi"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"3.7%"}]]}],false]}]]}],["$","$La","CVE-2025-22777",{"className":"item","href":"/en/cve/CVE-2025-22777","children":[["$","span",null,{"className":"cid","children":"CVE-2025-22777"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP Plugin <= 3.19.3 - PHP Object Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.9%"}]]}],false]}]]}],["$","$La","CVE-2024-11921",{"className":"item","href":"/en/cve/CVE-2024-11921","children":[["$","span",null,{"className":"cid","children":"CVE-2024-11921"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Give < 3.19.0 - Reflected XSS"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.8%"}]]}],false]}]]}],["$","$La","CVE-2023-22719",{"className":"item","href":"/en/cve/CVE-2023-22719","children":[["$","span",null,{"className":"cid","children":"CVE-2023-22719"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP Plugin <= 2.25.1 is vulnerable to CSV Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2024-30229",{"className":"item","href":"/en/cve/CVE-2024-30229","children":[["$","span",null,{"className":"cid","children":"CVE-2024-30229"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Give plugin <= 3.4.2 - PHP Object Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2023-41665",{"className":"item","href":"/en/cve/CVE-2023-41665","children":[["$","span",null,{"className":"cid","children":"CVE-2023-41665"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP plugin <= 2.33.0 - GiveWP Manager+ Privilege Escalation vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2024-37099",{"className":"item","href":"/en/cve/CVE-2024-37099","children":[["$","span",null,{"className":"cid","children":"CVE-2024-37099"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP plugin <= 3.14.1 - Unauthenticated PHP Object Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2022-4448",{"className":"item","href":"/en/cve/CVE-2022-4448","children":[["$","span",null,{"className":"cid","children":"CVE-2022-4448"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"GiveWP < 2.24.0 - Contributor+ Stored XSS"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2022-40211",{"className":"item","href":"/en/cve/CVE-2022-40211","children":[["$","span",null,{"className":"cid","children":"CVE-2022-40211"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP plugin <= 2.25.1 - Cross Site Scripting (XSS) via render_dropdown vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2023-47183",{"className":"item","href":"/en/cve/CVE-2023-47183","children":[["$","span",null,{"className":"cid","children":"CVE-2023-47183"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP plugin <= 2.33.1 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2023-23672",{"className":"item","href":"/en/cve/CVE-2023-23672","children":[["$","span",null,{"className":"cid","children":"CVE-2023-23672"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP plugin <= 2.25.1 - Arbitrary Content Deletion vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2023-23668",{"className":"item","href":"/en/cve/CVE-2023-23668","children":[["$","span",null,{"className":"cid","children":"CVE-2023-23668"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Cross Site Scripting (XSS)"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-27987",{"className":"item","href":"/en/cve/CVE-2024-27987","children":[["$","span",null,{"className":"cid","children":"CVE-2024-27987"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Give plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-35679",{"className":"item","href":"/en/cve/CVE-2024-35679","children":[["$","span",null,{"className":"cid","children":"CVE-2024-35679"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP plugin <= 3.12.0 - Reflected Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-66533",{"className":"item","href":"/en/cve/CVE-2025-66533","children":[["$","span",null,{"className":"cid","children":"CVE-2025-66533"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP plugin <= 4.13.1 - Arbitrary Shortocde Execution vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2024-47315",{"className":"item","href":"/en/cve/CVE-2024-47315","children":[["$","span",null,{"className":"cid","children":"CVE-2024-47315"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 3.15.1 - Cross Site Request Forgery (CSRF) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2026-42678",{"className":"item","href":"/en/cve/CVE-2026-42678","children":[["$","span",null,{"className":"cid","children":"CVE-2026-42678"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP plugin <= 4.14.5 - Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2026-42642",{"className":"item","href":"/en/cve/CVE-2026-42642","children":[["$","span",null,{"className":"cid","children":"CVE-2026-42642"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP plugin <= 4.14.5 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2026-34900",{"className":"item","href":"/en/cve/CVE-2026-34900","children":[["$","span",null,{"className":"cid","children":"CVE-2026-34900"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP plugin <= 4.14.2 - Reflected Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2025-67467",{"className":"item","href":"/en/cve/CVE-2025-67467","children":[["$","span",null,{"className":"cid","children":"CVE-2025-67467"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress GiveWP plugin <= 4.13.1 - Cross Site Request Forgery (CSRF) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.1%"}]]}],false]}]]}]]}],false,["$","section",null,{"className":"block","style":{"marginTop":28},"children":["$","div",null,{"className":"cta","children":[["$","p",null,{"children":"Want to know if your infrastructure is exposed to this?"}],["$","a",null,{"className":"btn btn-primary","href":"https://truehacking.ai","target":"_blank","rel":"noopener","children":"Talk to TrueHacking →"}]]}]}]]}]