Themeum Wp_crowdfunding
11 CVEs affecting Themeum Wp_crowdfunding. Latest disclosed: 2025-03-12. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-50859 | Medium | 6.5 | 2023-12-28 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum WP Crowdfunding allows Stored XSS.This issue affe… |
CVE-2024-11910 | Medium | 6.4 | 2024-12-13 | The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wp-crowdfunding/search block in all versions up to, and including… |
CVE-2024-43937 | Medium | 6.4 | 2024-11-01 | Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cr… |
CVE-2024-10117 | Medium | 6.4 | 2024-10-26 | The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcf_donate shortcode in all versions up to, and includi… |
CVE-2023-6161 | Medium | 6.1 | 2024-01-08 | The WP Crowdfunding WordPress plugin before 2.1.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-… |
CVE-2023-47532 | Medium | 5.8 | 2023-11-14 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themeum WP Crowdfunding plugin <= 2.1.6 versions. |
CVE-2025-1508 | Medium | 5.3 | 2025-03-12 | The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the download_data action in all vers… |
CVE-2023-6163 | Medium | 4.8 | 2024-01-15 | The WP Crowdfunding WordPress plugin before 2.1.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to p… |
CVE-2023-5757 | Medium | 4.8 | 2023-12-11 | The WP Crowdfunding WordPress plugin before 2.1.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to pe… |
CVE-2023-41870 | Medium | 4.3 | 2024-12-13 | Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cr… |
CVE-2024-11911 | Medium | 4.3 | 2024-12-13 | The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the install_woocommerce_plugin(… |