N/A
2026-04-06< 1.8.10
Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.9.7 - Insufficient Verification of Data Authenticity to Unauthenticated Donation Status Forgery via Stripe Webhook
Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More
Minimum safe version
1.8.10
Update to 1.8.10 or later to address 18 fixable vulnerabilities
Latest available1.8.10.4 ✓
High 8.8
2025-10-25< 1.8.8.5
CVE-2025-11893
Medium 4.4
2025-06-26< 1.8.6.2
Charitable <= 1.8.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin's Privacy Settings
Medium 5.9
2025-05-07< 1.8.5.2
CVE-2025-47520
Medium 6.5
2025-03-27< 1.8.4.8
CVE-2025-30770
Medium 6.1
2024-11-09< 1.8.3.1
CVE-2024-10876
Critical 9.8
2024-09-24< 1.8.1.15
CVE-2024-8791
Medium 6.5
2024-11-01< 1.8.1.8
CVE-2024-37510
Medium 5.3
2024-11-01< 1.8.1.8
CVE-2024-37506
Medium 6.5
2023-11-22< 1.7.0.14
CVE-2023-47816
N/A
2023-10-11< 1.7.0.14
Charitable <= 1.7.0.13 - Authenticated(Contributor+) Stored Cross-Site Scripting
Critical 9.8
2023-08-23< 1.7.0.13
CVE-2023-4404
High 7.1
2023-05-10< 1.7.0.11
CVE-2022-47441
N/A
2021-07-21< 1.6.51
Charitable – Donation Plugin <= 1.6.50 - Unauthenticated Stored Cross-Site Scripting
N/A
< 1.6.51
Charitable - Donation Plugin < 1.6.51 - Unauthenticated Stored Cross-Site Scripting
N/A
2021-07-21< 1.6.51
WordPress Charitable plugin <= 1.6.50 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
High 7.5
2019-09-09< 1.5.14
CVE-2018-21011
Medium 5.4
2021-08-23< 1.6.51
CVE-2021-24531