Update the WordPress Donations plugin to the latest available version (at least 1.3.1).
Jerome Bruandet (Nintechnet) discovered and reported this Bypass Vulnerability vulnerability in WordPress Donations Plugin. A bypass vulnerability could allow a malicious actor to bypass certain restrictions in the code. For example a way to bypass certain authorization checks which might allow a malicious actor to gain access to the admin panel. This vulnerability has been fixed in version 1.3.1.
Authenticated Stored CrossSite Scripting (XSS) vulnerability
13.05.2022
Unauthenticated SQL Injection (SQLi) vulnerability
29.03.2022