Skip to main content
CVE-2024-8353 CRITICAL POC PATCH THREAT Act Now

The GiveWP - Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 91.9%.

Deserialization PHP RCE WordPress Givewp
NVD
CVSS 3.1
9.8
EPSS
91.9%
Threat
6.2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy