Themeum Wp_crowdfunding

11 CVEs affecting Themeum Wp_crowdfunding. Latest disclosed: 2025-03-12. Critical: 0, High: 0.

Top CVEs affecting Themeum Wp_crowdfunding
CVESeverityScorePublishedSummary
CVE-2023-50859Medium6.52023-12-28Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum WP Crowdfunding allows Stored XSS.This issue affe…
CVE-2024-11910Medium6.42024-12-13The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wp-crowdfunding/search block in all versions up to, and including…
CVE-2024-43937Medium6.42024-11-01Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cr…
CVE-2024-10117Medium6.42024-10-26The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcf_donate shortcode in all versions up to, and includi…
CVE-2023-6161Medium6.12024-01-08The WP Crowdfunding WordPress plugin before 2.1.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-…
CVE-2023-47532Medium5.82023-11-14Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themeum WP Crowdfunding plugin <= 2.1.6 versions.
CVE-2025-1508Medium5.32025-03-12The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the download_data action in all vers…
CVE-2023-6163Medium4.82024-01-15The WP Crowdfunding WordPress plugin before 2.1.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to p…
CVE-2023-5757Medium4.82023-12-11The WP Crowdfunding WordPress plugin before 2.1.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to pe…
CVE-2023-41870Medium4.32024-12-13Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cr…
CVE-2024-11911Medium4.32024-12-13The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the install_woocommerce_plugin(…