IDonate

ThemeAtelier

Developer

2.1.17

Latest version

100

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

1 present

7 fixed

5 Mitigation rules

WordPress IDonate - Blood Donation, Request And Donor Management System plugin <= 2.1.15 - Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability
<= 2.1.14
9 hours ago
WordPress IDonate plugin 2.0.0 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Disclosure via admin_donor_profile_view Function vulnerability
2.0.0-2.1.9
Jan 30, 2026
Broken Access Control vulnerability
<= 2.1.15
Dec 7, 2025
WordPress IDonate plugin 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_password Function vulnerability
2.1.5-2.1.9
Nov 7, 2025
WordPress IDonate plugin 2.0.0 - 2.1.9 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion via admin_post_donor_delete Function vulnerability
2.0.0-2.1.9
Nov 7, 2025
Unauthenticated User Deletion vulnerability
< 2.1.13
Oct 28, 2025
Local File Inclusion vulnerability
<= 2.1.17
Apr 9, 2025
Admin+ Stored XSS vulnerability
< 2.0.0
Mar 1, 2024