Critical Flaw Hits GiveWP: Protect Your WordPress Site Now!

A huge security issue popped up in the GiveWP Donation Plugin on March 3, 2025. This plugin helps websites take donations, but now over 10,000 WordPress sites are in danger. Because of this flaw, bad guys can attack these sites and take control.

What’s the Flaw? The Problem’s Name Experts call this flaw CVE-2025-0912. It’s super serious, and attackers don’t even need a password to use it. How It Happens

The trouble starts with a part of the donation form called “card_address.” The plugin doesn’t check it well enough, so attackers sneak in bad code and take over the site.