Skip to main content
CVE-2019-6703 CRITICAL POC THREAT Act Now

Incorrect access control in migla_ajax_functions.php in the Calmar Webmedia Total Donations plugin through 2.0.5 for WordPress allows unauthenticated attackers to update arbitrary WordPress option. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP WordPress Information Disclosure Total Donations
NVD
CVSS 3.0
9.8
EPSS
26.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy