IDonate

ThemeAtelier

Developer

2.1.15

Latest version

100

Installations

5 hours ago

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Vulnerability history

1 present

4 fixed

4 Mitigation rules

WordPress IDonate plugin 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_password Function vulnerability
2.1.5-2.1.9
Nov 7, 2025
WordPress IDonate plugin 2.0.0 - 2.1.9 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion via admin_post_donor_delete Function vulnerability
2.0.0-2.1.9
Nov 7, 2025
Unauthenticated User Deletion vulnerability
< 2.1.13
Oct 28, 2025
Local File Inclusion vulnerability
<= 2.1.15
Apr 9, 2025
Admin+ Stored XSS vulnerability
< 2.0.0
Mar 1, 2024