Themeatelier Idonate

8 CVEs affecting Themeatelier Idonate. Latest disclosed: 2025-12-09. Critical: 0, High: 3.

Top CVEs affecting Themeatelier Idonate
CVESeverityScorePublishedSummary
CVE-2025-4519High8.82025-11-07The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check…
CVE-2024-3594High8.72024-05-23The IDonate WordPress plugin through 1.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform…
CVE-2025-32519High8.12025-04-11Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Foysal Imran IDonate idonate allows PH…
CVE-2025-4522Medium6.52025-11-07The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Insecure Direct Object Reference via the admin_post_don…
CVE-2025-4523Medium6.52025-08-01The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability…
CVE-2025-11154Medium5.42025-10-27The IDonate WordPress plugin before 2.1.13 does not have authorisation and CSRF when deleting users via an action handler, allowing unauthenticated attackers…
CVE-2025-67583Medium5.32025-12-09Missing Authorization vulnerability in Foysal Imran IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects…
CVE-2025-12877Medium5.32025-11-22The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized modification od data due to a missing capa…