Loopus WP Attractive Donations System vulnerable to data theft

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.3

Loopus WP Attractive Donations System vulnerable to data theft

CVE-2026-28115

Summary

A security issue in Loopus WP Attractive Donations System makes it possible for attackers to access sensitive data. This issue affects versions 1.26 and earlier of the plugin. To protect your site, update to the latest version of the plugin.

Original title

Original description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in loopus WP Attractive Donations System - Easy Stripe & Paypal donations WP_AttractiveDonationsSystem allows Blind SQL Injection.This issue affects WP Attractive Donations System - Easy Stripe & Paypal donations: from n/a through <= 1.25.

nvd CVSS3.1 9.3

Vulnerability type

CWE-89 SQL Injection

https://patchstack.com/database/Wordpress/Plugin/WP_AttractiveDonationsSystem/vu...

Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026