CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The WP Helper Premium plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'whpsmtpsendmailtest' function in all versions up to, and including, 4.6.1. This makes it possible for unauthenticated attackers to send emails containing any...

5.3CVSS5.9AI score0.00552EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:52 a.m.•5 views

CVE-2023-46614

Cross-Site Request Forgery CSRF vulnerability in Mat Bao Corp WP Helper Premium plugin = 4.5.1 versions...

8.8CVSS8.5AI score0.00053EPSS

Exploits0References1

RedhatCVE•added 2025/04/25 11:46 p.m.•2 views

CVE-2025-24737

Missing Authorization vulnerability in Mat Bao Corporation WP Helper Premium wp-helper-lite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Helper Premium: from n/a through = 4.6.1...

6.5CVSS5.9AI score0.00251EPSS

Exploits0References1

NVD•added 2025/04/17 4:15 p.m.•4 views

CVE-2025-24737

6.5CVSS0.00251EPSS

Exploits0References1

CVE•added 2025/04/17 3:48 p.m.•42 views

CVE-2025-24737

The CVE-2025-24737 entry concerns WordPress WP Helper Premium Plugin versions through 4.6.1 with a Missing Authorization vulnerability that allows access to functionality not properly constrained by ACLs. Reported context in multiple sources (Red Hat, NVD, CVE list, Patchstack) identifies a broke...

6.5CVSS5.9AI score0.00251EPSS

Exploits0References1

Vulnrichment•added 2025/04/17 3:48 p.m.•3 views

CVE-2025-24737 WordPress WP Helper Premium plugin <= 4.6.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mat Bao Corporation WP Helper Premium allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP Helper Premium: from n/a through 4.6.1...

6.5CVSS6.9AI score0.00251EPSS

Exploits0References1

CNNVD•added 2025/04/17 12:0 a.m.•2 views

WordPress plugin WP Helper Premium 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.5CVSS6.6AI score0.00251EPSS

Exploits0References1

Positive Technologies•added 2025/04/17 12:0 a.m.•2 views

PT-2025-17046 · Unknown · Wp Helper Premium

Name of the Vulnerable Software and Affected Versions: WP Helper Premium versions through 4.6.1 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions through 4.6.1, update to...

6.5CVSS6.1AI score0.00251EPSS

Exploits0References3

RedhatCVE•added 2025/02/05 6:52 a.m.•6 views

CVE-2024-32595

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mat Bao Corp WP Helper Premium allows Reflected XSS.This issue affects WP Helper Premium: from n/a before 4.6.0...

7.1CVSS5.2AI score0.00274EPSS

Exploits0References1

OSV•added 2024/10/10 2:15 a.m.•2 views

CVE-2024-9065

5.3CVSS5.8AI score

Exploits0References2

Positive Technologies•added 2024/10/09 12:0 a.m.•2 views

PT-2024-39400 · WordPress · Wp Helper Premium

Name of the Vulnerable Software and Affected Versions: WP Helper Premium plugin for WordPress versions up to, and including, 4.6.1 Description: The issue is related to a missing capability check on the whp smtp send mail test function, allowing unauthenticated attackers to send emails with any...

5.3CVSS6.7AI score0.00552EPSS

Exploits0References8

Patchstack•added 2024/09/30 5:2 a.m.•2 views

WordPress WP Helper Premium plugin <= 4.6.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata in WordPress Plugin WP Helper Premium versions = 4.6.1...

6.5CVSS7AI score0.00251EPSS

Exploits0Affected Software1

WPVulnDB•added 2024/04/24 12:0 a.m.•14 views

WP Helper Premium < 4.6.0 - Reflected Cross-Site Scripting

Description The WP Helper Premium plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to 4.6.0 exclusive due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages th...

7.1CVSS6.5AI score0.00274EPSS

Exploits0References1Affected Software1

NVD•added 2024/04/18 9:15 a.m.•7 views

CVE-2024-32595

7.1CVSS6.9AI score0.00274EPSS

Exploits0References1

Vulnrichment•added 2024/04/18 8:32 a.m.•13 views

CVE-2024-32595 WordPress WP Helper Premium plugin < 4.6.0 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS6.9AI score0.00274EPSS

Exploits0References1

Cvelist•added 2024/04/18 8:32 a.m.•14 views

CVE-2024-32595 WordPress WP Helper Premium plugin < 4.6.0 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS7.1AI score0.00274EPSS

Exploits0References1

CVE•added 2024/04/18 8:32 a.m.•62 views

CVE-2024-32595

CVE-2024-32595 is a Reflected XSS affecting WP Helper Premium for WordPress (pre-4.6.0). Affected component: WP Helper Premium plugin; root cause: improper input neutralization during web page generation leading to reflected script execution. Impact: low to high depending on context (per CVSS v3....

7.1CVSS5.2AI score0.00274EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by