44 matches found
WordPress Helloprint <1.4.7 - Cross-Site Scripting
WordPress Helloprint plugin before 1.4.7 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. Th...
CVE-2025-13666
The Helloprint plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.2. This is due to the plugin registering a public REST API endpoint without implementing authorization checks to verify request authenticity. This makes it possible for unauthenticated...
EUVD-2025-201528
The Helloprint plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.2. This is due to the plugin registering a public REST API endpoint without implementing authorization checks to verify request authenticity. This makes it possible for unauthenticated...
CVE-2025-13666
The Helloprint plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.2. This is due to the plugin registering a public REST API endpoint without implementing authorization checks to verify request authenticity. This makes it possible for unauthenticated...
CVE-2025-13666 Helloprint <= 2.1.2 - Missing Authorization to Unauthenticated Arbitrary Order Status Modification
The Helloprint plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.2. This is due to the plugin registering a public REST API endpoint without implementing authorization checks to verify request authenticity. This makes it possible for unauthenticated...
CVE-2025-13666 Helloprint <= 2.1.2 - Missing Authorization to Unauthenticated Arbitrary Order Status Modification
The Helloprint plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.2. This is due to the plugin registering a public REST API endpoint without implementing authorization checks to verify request authenticity. This makes it possible for unauthenticated...
CVE-2025-13666
CVE-2025-13666 refers to the Helloprint WordPress plugin (WordPress Helloprint plugin) with vulnerability in versions up to and including 2.1.2. The issue is Missing Authorization due to a publicly registered REST API endpoint that does not verify request authenticity, enabling unauthenticated ac...
WordPress plugin Helloprint 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
WordPress Helloprint plugin <= 2.1.2 - Missing Authorization to Unauthenticated Arbitrary Order Status Modification vulnerability
Missing Authorization to Unauthenticated Arbitrary Order Status Modification vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Helloprint versions = 2.1.2...
EUVD-2025-5638
Malicious code in bioql PyPI...
EUVD-2025-5611
Malicious code in bioql PyPI...
EUVD-2024-44938
Malicious code in bioql PyPI...
CVE-2022-3908
The Helloprint WordPress plugin before 1.4.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2025-26534
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in helloprint Helloprint helloprint allows Path Traversal.This issue affects Helloprint: from n/a through = 2.0.7...
CVE-2025-26540
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in helloprint Helloprint helloprint allows Path Traversal.This issue affects Helloprint: from n/a through = 2.0.7...
CVE-2025-26540
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in helloprint Helloprint helloprint allows Path Traversal.This issue affects Helloprint: from n/a through = 2.0.7...
CVE-2025-26534
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in helloprint Helloprint helloprint allows Path Traversal.This issue affects Helloprint: from n/a through = 2.0.7...
CVE-2025-26540
CVE-2025-26540 corresponds to a path traversal vulnerability in the WordPress Helloprint plugin. The affected component is the Helloprint plugin for WordPress, with versions n/a through 2.0.7. Root cause: improper limitation of a pathname to a restricted directory, enabling traversal to access or...
CVE-2025-26540 WordPress Helloprint Plugin <= 2.0.7 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in helloprint Helloprint helloprint allows Path Traversal.This issue affects Helloprint: from n/a through = 2.0.7...
CVE-2025-26534 WordPress Helloprint Plugin <= 2.0.7 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in NotFound Helloprint allows Path Traversal. This issue affects Helloprint: from n/a through 2.0.7...