Cryptocurrency Donation Box Bitcoin Crypto Donations
Monthly
AdAstraCrypto Cryptocurrency Donation Box plugin for WordPress versions up to 2.2.13 allows unauthenticated remote attackers to modify cryptocurrency donation settings due to missing authorization checks on access control endpoints. The vulnerability enables unauthorized changes to donation configuration without requiring authentication or user interaction, though it does not expose sensitive data or cause denial of service. With an EPSS score of 0.02% and no evidence of active exploitation, this represents a low-probability but direct authorization bypass in a niche plugin.
AdAstraCrypto Cryptocurrency Donation Box plugin for WordPress versions up to 2.2.13 allows unauthenticated remote attackers to modify cryptocurrency donation settings due to missing authorization checks on access control endpoints. The vulnerability enables unauthorized changes to donation configuration without requiring authentication or user interaction, though it does not expose sensitive data or cause denial of service. With an EPSS score of 0.02% and no evidence of active exploitation, this represents a low-probability but direct authorization bypass in a niche plugin.