CVE-2025-12877 – IDonate – Blood Donation, Request And Donor Management System

CVE ID : CVE-2025-12877

Published : Nov. 22, 2025, 8:15 a.m. | 1 hour, 1 minute ago

Description : The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized modification od data due to a missing capability check on the panding_blood_request_action() function in all versions up to, and including, 2.1.15. This makes it possible for unauthenticated attackers to delete arbitrary posts.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-13090 – WP Directory Kit

CVE-2025-41744 – Sprecher Automation: SPRECON-E series has static default key material for TLS connections

CVE-2025-41743 – Sprecher Automation: SPRECON-E series prone to weak encryption of update files

CVE-2025-41742 – Sprecher Automation: SPRECON-E series has a critical vulnerability due to the use of static cryptographic keys in system components