The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.0 was affected by a reflected Cross-Site Scripting vulnerability inside of the administration panel, via the 's' GET parameter on the Donors page.
https://wpscan.com/vulnerability/da4ab508-a423-4c7f-a1d4-42ec6f989309