Critical Privilege Escalation Vulnerability in Charitable WordPress Plugin Affects Over 10,000 sites | allinfosecnews.com

Aug. 22, 2023, 1:35 p.m. | István Márton

Wordfence www.wordfence.com

On August 10, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a Privilege Escalation vulnerability in the Donation Forms by Charitable plugin, which is actively installed on more than 10,000 WordPress websites. This vulnerability makes it possible for an unauthenticated attacker to grant themselves administrative privileges by supplying a role ...
Read More

The post Critical Privilege Escalation Vulnerability in Charitable WordPress Plugin Affects Over 10,000 sites appeared first on Wordfence.

august charitable critical disclosure donation escalation forms intelligence plugin privilege privilege escalation process research responsible responsible disclosure team threat threat intelligence unauthenticated vulnerabilities vulnerability websites wordfence wordpress wordpress plugin wordpress security

More from www.wordfence.com / Wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 20, 2024 to May 26, 2024) 2 days, 15 hours ago | www.wordfence.com

all in bounty bug bug bounty +22

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 13, 2024 to May 19, 2024) 1 week, 2 days ago | www.wordfence.com

contributed database intelligence may +16

Up to 30X Faster PHP Malware Scans with Wordfence CLI 4.0.1 1 week, 3 days ago | www.wordfence.com

can cli malware malware scanner +11

The Wordfence Affiliate Program Officially Launches Today 1 week, 4 days ago | www.wordfence.com

advocates affiliate clients community +12

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 6, 2024 to May 12, 2024) 2 weeks, 2 days ago | www.wordfence.com

bounty bug bug bounty disclosure +16

30,000 WordPress Sites affected by Arbitrary SQL Execution Vulnerability Patched in Visualizer WordPress Plugin 2 weeks, 3 days ago | www.wordfence.com

plugin research sql vulnerabilities +6

Revolutionizing WordPress Bug Bounty and Security: Latest Enhancements to the Wordfence Bug Bounty Program 2 weeks, 4 days ago | www.wordfence.com

bounties bounty bug bug bounty +15

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 29, 2024 to May 5, 2024) 3 weeks, 2 days ago | www.wordfence.com

april bounty bug bug bounty +17

$563 Bounty Awarded for Reflected Cross-Site Scripting Vulnerability Patched in Yoast SEO WordPress Plugin 3 weeks, 5 days ago | www.wordfence.com

april bounty bug bug bounty +17

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com