14 matches found
CVE-2025-5018
The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hsupdateaichatsettings and hivelitesupportgetallbinbox functions in all versions up to, and including, 1.2.5. This makes it possible for authenticated...
CVE-2025-5019
The Hive Support | AI-Powered Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the hsupdateaichatsettings function. This mak...
CVE-2025-5018 Hive Support <= 1.2.5 - Authenticated (Subscriber+) Missing Authorization via hs_update_ai_chat_settings and hive_lite_support_get_all_binbox
The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hsupdateaichatsettings and hivelitesupportgetallbinbox functions in all versions up to, and including, 1.2.5. This makes it possible for authenticated...
CVE-2025-5019 Hive Support <= 1.2.5 - Cross-Site Request Forgery via hs_update_ai_chat_settings Function
The Hive Support | AI-Powered Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the hsupdateaichatsettings function. This mak...
WordPress plugin Hive Support 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-24033 · WordPress · Hive Support
Name of the Vulnerable Software and Affected Versions: Hive Support plugin for WordPress affected versions not specified Description: The issue concerns unauthorized access and modification of data due to a missing capability check. This allows for an authentication bypass, enabling unauthorized...
CVE-2025-32666
CVE-2025-32666 concerns the WordPress plugin Hive Support. The vulnerability is a reflected Cross-Site Scripting (XSS) flaw in Hive Support versions up to and including 1.2.2, enabling attacker-controlled input to be reflected in web pages. Public sources in the Connected documents indicate remed...
CVE-2025-32242 WordPress Hive Support plugin <= 1.2.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hive Support: from n/a through = 1.2.5...
WordPress plugin Hive Support 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Hive Support 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin Hive Support 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2025-22298 WordPress Hive Support plugin <= 1.1.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Hive Support Hive Support hive-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hive Support: from n/a through = 1.1.6...
WordPress Hive Support plugin <= 1.1.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Hive Support versions = 1.1.6...
WordPress Hive Support plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by hunter85 Patchstack Alliance in WordPress Plugin Hive Support versions = 1.1.2...