{"id":"CVE-2019-13578","details":"A SQL injection vulnerability exists in the Impress GiveWP Give plugin through 2.5.0 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/payments/class-payments-query.php.","modified":"2026-02-24T01:17:13.314695Z","published":"2019-08-15T16:15:11.947Z","references":[{"type":"ADVISORY","url":"https://fortiguard.com/zeroday/FG-VD-19-098"},{"type":"ADVISORY","url":"https://github.com/impress-org/give/commit/894937d7927eab0c98457656cbd6fb414b3a6fbf"},{"type":"ADVISORY","url":"https://github.com/impress-org/give/commit/97b9b5fae2d10742ee42fe00092729fa7da3cb32"},{"type":"ADVISORY","url":"https://github.com/impress-org/give/commit/d91f4c6dcc92aeb826b060cb2feadd56885f4cea"},{"type":"ADVISORY","url":"https://wpvulndb.com/vulnerabilities/9504"},{"type":"FIX","url":"https://github.com/impress-org/give/commit/894937d7927eab0c98457656cbd6fb414b3a6fbf"},{"type":"FIX","url":"https://github.com/impress-org/give/commit/97b9b5fae2d10742ee42fe00092729fa7da3cb32"},{"type":"FIX","url":"https://github.com/impress-org/give/commit/d91f4c6dcc92aeb826b060cb2feadd56885f4cea"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/impress-org/givewp","events":[{"introduced":"0"},{"fixed":"894937d7927eab0c98457656cbd6fb414b3a6fbf"},{"introduced":"0"},{"fixed":"97b9b5fae2d10742ee42fe00092729fa7da3cb32"},{"introduced":"0"},{"fixed":"d91f4c6dcc92aeb826b060cb2feadd56885f4cea"}]}],"versions":["0.9.5","0.9.5.1","1.0","1.0.0","1.0.1","1.1","1.18.18","1.2","1.2.1","1.3","1.3.0.4","1.3.1","1.3.1.1","1.3.2","1.3.3","1.3.4","1.3.5","1.3.6","1.4","1.4.1","1.4.2","1.4.3","1.4.4","1.4.5","1.5","1.5.1","1.5.2","1.6","1.6.1","1.6.2","1.6.3","1.6.4","1.7","1.7.1","1.7.2","1.8","1.8.1","1.8.10","1.8.11","1.8.12","1.8.13","1.8.14","1.8.15","1.8.16","1.8.17","1.8.19","1.8.2","1.8.3","1.8.4","1.8.5","1.8.6","1.8.7","1.8.7.1","1.8.8","1.8.9","2.0.0","2.0.1","2.0.2","2.0.3","2.0.4","2.0.5","2.1.3","2.1.4","2.1.5","2.2.0","2.2.1","2.2.2","2.2.4","2.2.5","2.3.0","2.4.0","2.4.1","2.4.2","2.4.3","2.4.4","2.4.5","2.4.6","2.4.7"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-13578.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}