Lucene search
K

94 matches found

NVD
NVD
added 11 hours ago5 views

CVE-2026-13347

The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...

7.5CVSS
Exploits0References3
CVE
CVE
added 12 hours ago11 views

CVE-2026-13347

The CVE-2026-13347 entry documents an unauthenticated Arbitrary File Read in WordPress Hide My WP Lite (versions ≤ 1.3) via the he_wrapper_js and he_wrapper_css parameters. The vulnerability stems from elementor_assets_filter() concatenating user input onto ABSPATH and passing it to file_get_cont...

7.5CVSS6.1AI score
Exploits0References3
Cvelist
Cvelist
added 12 hours ago5 views

CVE-2026-13347 Hide My WP Lite <= 1.3 - Unauthenticated Path Traversal to Arbitrary File Read via 'he_wrapper_js' Parameter

The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...

7.5CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 12 hours ago3 views

CVE-2026-13347

The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...

7.5CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added 12 hours ago5 views

EUVD-2026-42831

The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the hewrapperjs and hewrappercss query parameters processed by the elementorassetsfilter function. This is due to the function concatenating user-supplied input directly onto...

7.5CVSS6.1AI score
Exploits0References3
Patchstack
Patchstack
added 13 hours ago6 views

WordPress Hide My WP Lite plugin <= 1.3 - Unauthenticated Path Traversal to Arbitrary File Read vulnerability

Unauthenticated Path Traversal to Arbitrary File Read vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Hide My WP Lite versions = 1.3...

7.5CVSS5.9AI score
Exploits0References1Affected Software1
Nuclei
Nuclei
added 16 hours ago19 views

Hide My WP Ghost < 5.2.02 - Hidden Login Page Disclosure

The Hide My WP Ghost plugin does not prevent redirects to the login page via the authredirect WordPress function, allowing an unauthenticated visitor to access the hidden login page. id: CVE-2024-6420 info: name: Hide My WP Ghost 5.2.02 - Hidden Login Page Disclosure author: jpg0mez severity: hig...

8.6CVSS5.9AI score0.018EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.6 views

CVE-2026-39484

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

4.7CVSS5.8AI score0.00201EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 9:31 a.m.6 views

EUVD-2026-20152

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

5.9AI score0.00201EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.10 views

CVE-2026-39484

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

4.7CVSS0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.4 views

CVE-2026-39484 WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

5.8AI score0.00201EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.26 views

CVE-2026-39484 WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

4.7CVSS0.00201EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 8:30 a.m.19 views

CVE-2026-39484

CVE-2026-39484 is a URL redirection to an untrusted site (open redirect) vulnerability in the WordPress plugin Hide My WP Ghost . Affected: Hide My WP Ghost product for WordPress, versions from n/a through

4.7CVSS5.9AI score0.00201EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.9 views

CVE-2026-39484

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

5.9AI score0.00201EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.12 views

WordPress plugin Hide My WP Ghost 输入验证错误漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.7CVSS5.8AI score0.00201EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.13 views

PT-2026-31123

CVE-2026-39484 URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from… https://t.co/omlG1NbySg...

5.8AI score0.00201EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/03/18 10:12 a.m.4 views

WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Or Benit in WordPress Plugin Hide My WP Ghost versions 7.0.00...

5.9AI score0.00201EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/23 9:17 p.m.6 views

CVE-2025-69098

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpWave Hide My WP hidemywp allows Reflected XSS.This issue affects Hide My WP: from n/a through = 6.2.12...

7.1CVSS5.4AI score0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.6 views

CVE-2025-69098

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpWave Hide My WP hidemywp allows Reflected XSS.This issue affects Hide My WP: from n/a through = 6.2.12...

7.1CVSS0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.21 views

CVE-2025-69098 WordPress Hide My WP plugin <= 6.2.12 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpWave Hide My WP hidemywp allows Reflected XSS.This issue affects Hide My WP: from n/a through = 6.2.12...

7.1CVSS0.00175EPSS
Exploits0References1
Rows per page
Query Builder