94 matches found
CVE-2026-13347
The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...
CVE-2026-13347
The CVE-2026-13347 entry documents an unauthenticated Arbitrary File Read in WordPress Hide My WP Lite (versions ≤ 1.3) via the he_wrapper_js and he_wrapper_css parameters. The vulnerability stems from elementor_assets_filter() concatenating user input onto ABSPATH and passing it to file_get_cont...
CVE-2026-13347 Hide My WP Lite <= 1.3 - Unauthenticated Path Traversal to Arbitrary File Read via 'he_wrapper_js' Parameter
The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...
CVE-2026-13347
The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...
EUVD-2026-42831
The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...
WordPress Hide My WP Lite plugin <= 1.3 - Unauthenticated Path Traversal to Arbitrary File Read vulnerability
Unauthenticated Path Traversal to Arbitrary File Read vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Hide My WP Lite versions = 1.3...
Hide My WP Ghost < 5.2.02 - Hidden Login Page Disclosure
The Hide My WP Ghost plugin does not prevent redirects to the login page via the authredirect WordPress function, allowing an unauthenticated visitor to access the hidden login page. id: CVE-2024-6420 info: name: Hide My WP Ghost 5.2.02 - Hidden Login Page Disclosure author: jpg0mez severity: hig...
CVE-2026-39484
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...
EUVD-2026-20152
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...
CVE-2026-39484
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...
CVE-2026-39484 WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...
CVE-2026-39484 WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...
CVE-2026-39484
CVE-2026-39484 is a URL redirection to an untrusted site (open redirect) vulnerability in the WordPress plugin Hide My WP Ghost . Affected: Hide My WP Ghost product for WordPress, versions from n/a through
CVE-2026-39484
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...
WordPress plugin Hide My WP Ghost 输入验证错误漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-31123
CVE-2026-39484 URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from… https://t.co/omlG1NbySg...
WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability
Open Redirection vulnerability discovered by Or Benit in WordPress Plugin Hide My WP Ghost versions 7.0.00...
CVE-2025-69098
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpWave Hide My WP hidemywp allows Reflected XSS.This issue affects Hide My WP: from n/a through = 6.2.12...
CVE-2025-69098
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpWave Hide My WP hidemywp allows Reflected XSS.This issue affects Hide My WP: from n/a through = 6.2.12...
CVE-2025-69098 WordPress Hide My WP plugin <= 6.2.12 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpWave Hide My WP hidemywp allows Reflected XSS.This issue affects Hide My WP: from n/a through = 6.2.12...