WordPress GiveWP Plugin Update Advisory (CVE-2024-9634)

Oct 17 2024

Overview

An update has been released to address vulnerabilities in WordPress GiveWP Plugin. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-9634

Donation Plugin and Fundraising Platform versions: ~ 3.16.3 (inclusive)

Resolved Vulnerabilities

PHP Object Injection vulnerability (CVE-2024-9634) allows remote code execution via untrusted input

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-9634

Donation Plugin and Fundraising Platform version: 3.16.4

Referenced Sites

[1] CVE-2024-9634 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-9634

[2] GiveWP – Donation Plugin and Fundraising Platform <= 3.16.3 – Unauthenticated PHP Object Injection to Remote Code Execution

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/give/givewp-donation-plugin-and-fundraising-platform-3163-unauthenticated-php-object-injection-to-remote-code-execution

WordPress GiveWP Plugin Update Advisory (CVE-2024-9634)

MS Family October 2024 Security Update Advisory

Cisco Family October 2024 3rd Security Update Advisory

Tags:

MS Family October 2024 Security Update Advisory

Cisco Family October 2024 3rd Security Update Advisory