CVE-2024-30229

CVSS 3.1 Score 8.0 of 10 (high)

Details

Published Mar 28, 2024
CWE ID 502

Summary

CVE-2024-30229 is a Deserialization of Untrusted Data vulnerability that affects GiveWP, an WordPress plugin used for donation forms. This issue, affecting versions from n/a to 3.4.2, can potentially allow an attacker to execute arbitrary code by providing maliciously crafted data to the application. Successful exploitation could result in unauthorized access, data loss, or system compromise. Users are encouraged to update to the latest version of GiveWP as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share