84 matches found
EUVD-2025-2698
Malicious code in bioql PyPI...
EUVD-2024-52444
Malicious code in bioql PyPI...
EUVD-2025-10468
Malicious code in bioql PyPI...
EUVD-2025-11731
Malicious code in bioql PyPI...
EUVD-2025-11714
Malicious code in bioql PyPI...
EUVD-2024-45865
Malicious code in bioql PyPI...
EUVD-2025-10461
Malicious code in bioql PyPI...
EUVD-2024-52427
Malicious code in bioql PyPI...
EUVD-2025-10450
Malicious code in bioql PyPI...
CVE-2025-5018
The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hsupdateaichatsettings and hivelitesupportgetallbinbox functions in all versions up to, and including, 1.2.5. This makes it possible for authenticated...
CVE-2025-5019
The Hive Support | AI-Powered Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the hsupdateaichatsettings function. This mak...
CVE-2025-5019
The Hive Support | AI-Powered Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the hsupdateaichatsettings function. This mak...
CVE-2025-5018 Hive Support <= 1.2.5 - Authenticated (Subscriber+) Missing Authorization via hs_update_ai_chat_settings and hive_lite_support_get_all_binbox
The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hsupdateaichatsettings and hivelitesupportgetallbinbox functions in all versions up to, and including, 1.2.5. This makes it possible for authenticated...
CVE-2025-5018 Hive Support <= 1.2.5 - Authenticated (Subscriber+) Missing Authorization via hs_update_ai_chat_settings and hive_lite_support_get_all_binbox
The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hsupdateaichatsettings and hivelitesupportgetallbinbox functions in all versions up to, and including, 1.2.5. This makes it possible for authenticated...
CVE-2025-5019 Hive Support <= 1.2.5 - Cross-Site Request Forgery via hs_update_ai_chat_settings Function
The Hive Support | AI-Powered Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the hsupdateaichatsettings function. This mak...
CVE-2025-5019 Hive Support <= 1.2.5 - Cross-Site Request Forgery via hs_update_ai_chat_settings Function
The Hive Support | AI-Powered Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the hsupdateaichatsettings function. This mak...
CVE-2025-5019
CVE-2025-5019 affects Hive Support (WordPress plugin). The root cause is missing or improper nonce validation in hs_update_ai_chat_settings(), enabling CSRF. This allows unauthenticated attackers to reconfigure the plugin’s AI/chat settings (including API keys) and potentially redirect notificati...
PT-2025-24034 · WordPress · Hive Support
Name of the Vulnerable Software and Affected Versions: Hive Support | AI-Powered Help Desk, Live Chat & AI Chat Bot Plugin for WordPress versions 1.2.2 and earlier Description: The issue is related to Cross-Site Request Forgery due to incomplete or incorrect nonce validation in the hs update ai...
PT-2025-24033 · WordPress · Hive Support
Name of the Vulnerable Software and Affected Versions: Hive Support plugin for WordPress affected versions not specified Description: The issue concerns unauthorized access and modification of data due to a missing capability check. This allows for an authentication bypass, enabling unauthorized...
WordPress plugin Hive Support 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...