CVE-2026-39940 | ChurchCRM up to 6.x DonatedItemEditor.php redirect (GHSA-5g52-rvjf-6wwf)

A vulnerability identified as problematic has been detected in ChurchCRM up to 6.x. Affected is an unknown function of the file DonatedItemEditor.php. The manipulation leads to open redirect.

This vulnerability is documented as CVE-2026-39940. The attack can be initiated remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More