CVE-2025-63010

Server-Side Request Forgery SSRF vulnerability in ThemesInflow Hercules Core hercules-core allows Server Side Request Forgery.This issue affects Hercules Core : from n/a through = 7.4...

EUVD-2025-201999

Server-Side Request Forgery SSRF vulnerability in ThemesInflow Hercules Core hercules-core allows Server Side Request Forgery.This issue affects Hercules Core : from n/a through = 7.4...

CVE-2025-63010

Server-Side Request Forgery SSRF vulnerability in ThemesInflow Hercules Core hercules-core allows Server Side Request Forgery.This issue affects Hercules Core : from n/a through = 7.4...

CVE-2025-63010 WordPress Hercules Core plugin <= 7.4 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in ThemesInflow Hercules Core hercules-core allows Server Side Request Forgery.This issue affects Hercules Core : from n/a through = 7.4...

CVE-2025-63010 WordPress Hercules Core plugin <= 7.4 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in ThemesInflow Hercules Core hercules-core allows Server Side Request Forgery.This issue affects Hercules Core : from n/a through = 7.4...

CVE-2025-63010

CVE-2025-63010 is a SSRF vulnerability reported in multiple sources affecting ThemesInflow Hercules Core (hercules-core) and the WordPress Hercules Core plugin, with versions up to and including 7.4 affected. The root cause is a server-side request forgery vulnerability that could be exploited to...

WordPress plugin Hercules Core 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

PT-2025-50030

Server-Side Request Forgery SSRF vulnerability in ThemesInflow Hercules Core hercules-core allows Server Side Request Forgery.This issue affects Hercules Core : from n/a through = 7.4...

WordPress Hercules Core plugin <= 7.4 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Bonds in WordPress Plugin Hercules Core versions = 7.4...

EUVD-2024-28159

Malicious code in bioql PyPI...

CVE-2024-30228

Deserialization of Untrusted Data vulnerability in Hercules Design Hercules Core.This issue affects Hercules Core : from n/a through 6.4...

CVE-2024-37232

Missing Authorization vulnerability in Hercules Design Hercules Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hercules Core: from n/a through 6.5...

CVE-2024-37232 WordPress Hercules Core plugin <= 6.5 - Subscriber+ Arbitrary Settings Change/Access vulnerability

Missing Authorization vulnerability in Hercules Design Hercules Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hercules Core: from n/a through 6.5...

CVE-2024-37232 WordPress Hercules Core plugin <= 6.5 - Subscriber+ Arbitrary Settings Change/Access vulnerability

Missing Authorization vulnerability in Hercules Design Hercules Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hercules Core: from n/a through 6.5...

PT-2024-27402 · Unknown · Hercules Core

Name of the Vulnerable Software and Affected Versions: Hercules Core versions n/a through 6.5 Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured Access Control Security Levels. Recommendations: For versions n/a throu...

WordPress plugin Hercules Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Hercules Core plugin <= 6.5 - Subscriber+ Arbitrary Settings Change/Access vulnerability

Subscriber+ Arbitrary Settings Change/Access vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Hercules Core versions = 6.5...

WordPress Hercules Core Plugin <= 6.5 is vulnerable to Settings Change

Software Hercules Core Type Plugin Vulnerable versions = 6.5 Fixed in 6.7 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-37232 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 1152267cf25e Credits Dave Jong Patchstack Required privilege...

CVE-2024-30228 WordPress Hercules Core plugin <= 6.4 - Auth. PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Hercules Design Hercules Core.This issue affects Hercules Core : from n/a through 6.4...

CVE-2024-30228

CVE-2024-30228 affects the WordPress Hercules Core plugin (≤ 6.4). The vulnerability is a PHP Object Injection via deserialization of untrusted input, exploitable by authenticated users with subscriber-level access. Impact (as stated) can include deletion of arbitrary files, exposure of sensitive...