The Simple Giveaways plugin for WordPress is not secure in versions 2.45.0 and earlier. It can be used by attackers with administrator-level access to inject malicious code into pages. This code will be executed when the page is viewed by any user. This problem only affects multi-site installations and installations where the “”unfiltered_html”” feature has been disabled.