Alireza Gharib Blog

CVE-2025-22777 (CVSS 9.8): Critical Security Alert for GiveWP Plugin with 100,000 Active Installations

CVE-2025-22777 (CVSS 9.8): Critical Security Alert for GiveWP Plugin with 100,000 Active Installations

A severe vulnerability has been identified in the GiveWP plugin, one of WordPress’s most widely used tools for online donations and fundraising. Tracked as CVE-2025-22777, the flaw has a CVSS score of …
Read more


Published Date:
Jan 12, 2025 (14 hours, 44 minutes ago)

Vulnerabilities has been mentioned in this article.

Go to Source

Tags: #cve, #cybersecurity, #security, 00, 02

Related Posts

CVE-2024-57878 – Linux Kernel Arm64 Ptrace FPMR Initialization Leak CVE-2024-12847: Proof-of-Concept Exploit Code Released CVE-2024-12847 – NETGEAR DGN1000 Remote Root Command Injection Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast Threat Actors Exploit a Critical Ivanti RCE Bug, Again TheCyberThrone Security Weekly Review – January 11, 2025 Reversing, Discovering, And Exploiting A TP-Link Router Vulnerability — CVE-2024–54887 Ivanti Connect Secure Zero-Day Threat: 2,048 Vulnerable Devices and Critical Exploitation Details Unveiled Fake LDAPNightmware exploit on GitHub spreads infostealer malware CVE-2025-23128 – CVE-2022-47713: VMware VMware Workstation – Inadequate Bounds Checking CVE-2025-23127 – Here is the title: Android Permissions Denial of Service CVE-2025-23126 – CVE-2021-36344: Apache Struts Code Injection Vulnerability CVE-2025-23124 – CVE-2022-4792: Dell EMC NetWorker Authentication Bypass Vulnerability CVE-2025-22598 – WeGIA Cadastral Stored Cross-Site Scripting (XSS) Vulnerability CVE-2025-22597 – WeGIA Stored Cross-Site Scripting (XSS) Vulnerability CVE-2025-0398 – Longpi1 Warehouse Cross Site Scripting in Backend CVE-2025-0397 – Reckn SPPanAdmin Cross-Site Scripting (XSS) CVE-2025-0396 – Exelban Stats XPC Service Command Injection Vulnerability CVE-2024-9188 – Oracle WebLogic SQL Injection Vulnerability
, , , ,
, , , ,
Recent Posts