CVE-2025-8620

Source
https://cve.org/CVERecord?id=CVE-2025-8620
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8620.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-8620
Published
2025-08-06T10:15:35.967Z
Modified
2026-04-10T05:36:21.083426Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to extract donor names, emails, and donor id.

References

Affected packages

Git / github.com/impress-org/givewp

Affected ranges

Type
GIT
Repo
https://github.com/impress-org/givewp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.6.1"
        }
    ]
}

Affected versions

1.*
1.0
1.0.0
1.0.1
1.1
1.18.18
1.2
1.2.1
1.3
1.3.0.4
1.3.1
1.3.1.1
1.3.2
1.3.3
1.3.4
1.3.5
1.3.6
1.4
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.5
1.5.1
1.5.2
1.6
1.6.1
1.6.2
1.6.3
1.6.4
1.7
1.7.1
1.7.2
1.8
1.8.1
1.8.10
1.8.11
1.8.12
1.8.13
1.8.14
1.8.15
1.8.16
1.8.17
1.8.19
1.8.2
1.8.3
1.8.4
1.8.5
1.8.6
1.8.7
1.8.7.1
1.8.8
1.8.9
2.*
2.0.0
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.10.0
2.10.1
2.10.2
2.10.3
2.10.4
2.11.0
2.11.1
2.11.2
2.11.3
2.12.0
2.12.1
2.12.2
2.12.3
2.13.0
2.13.1
2.13.2
2.13.3
2.13.4
2.14.0
2.15.0
2.16.0
2.16.1
2.16.2
2.17.0
2.17.1
2.17.2
2.17.3
2.18.1
2.19.0
2.19.1
2.19.2
2.19.3
2.19.4
2.19.5
2.19.6
2.19.6-alpha
2.19.7
2.19.8
2.20.0
2.20.1
2.20.2
2.21.0
2.21.1
2.21.2
2.21.4
2.22.0
2.22.1
2.22.2
2.22.3
2.23.0
2.23.1
2.23.2
2.24.0
2.24.1
2.24.2
2.25.0
2.29.2
2.30.0
2.31.0
2.31.1
2.32.0
2.33.0
2.33.1
2.33.2
2.33.3
2.33.4
2.33.5
2.5.10
2.5.12
2.5.13
2.5.2
2.5.3
2.5.4
2.5.5
2.5.7
2.5.8
2.5.9
2.6.0
2.6.1
2.6.2
2.6.3
2.7.0
2.7.1
2.7.2
2.7.3
2.7.4
2.7.5
2.8.0
2.8.0-alpha.1
2.8.0-alpha.2
2.8.0-beta.1
2.8.0-beta.2
2.8.0-beta.3
2.8.0-rc.1
2.8.1
2.9.0
2.9.1
2.9.2
2.9.3
2.9.4
2.9.5
2.9.6
2.9.7
3.*
3.0.0
3.0.1
3.0.2
3.0.3
3.10.0
3.11.0
3.12.0
3.13.0
3.14.0
3.14.1
3.15.0
3.2.0
3.2.1
3.4.0
3.4.1
3.5.0
3.6.0
3.7.0
3.8.0
3.9.0
4.*
4.0.0
4.2.0
4.3.0
4.3.2
4.4.0
4.5.0
4.6.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8620.json"